Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Open CA Let’s Encrypt Comes Out of Beta

One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta.

One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta.

The Let’s Encrypt initiative was proposed by the Electronic Frontier Foundation (EFF) as an alternative to established CAs, in an attempt to encourage site owners as possible to secure their domains by providing them with free certificates. The CA issued its first digital certificate in mid-September 2015, entered private beta the next month, and was launched in public beta in December.

On Tuesday, Let’s Encrypt announced that it is leaving beta and that it has secured more sponsors, which should help it continue operations unhindered. The CA’s founding sponsors Cisco and Akamai renewed their sponsorships for 3 more years, while Gemalto, HP Enterprise, Fastly, Duda and ReliableSite.net are new sponsors of the initiative.

Previously, companies such as Mozilla, Cisco, Akamai, Automattic and IdenTrust, among others, also announced their support for the open CA, the same as Linux Foundation. The goal behind Let’s Encrypt is to encrypt all website traffic using Transport Layer Security (TLS), thus protecting user data from eavesdroppers.

The initiative issued its 1 millionth certificate three months after entering public beta and has already reached the 1.7 million certificates for roughly 3.8 million websites. Over the past several months, the CA has gained enough operational experience and confidence in its systems to move out of beta, Josh Aas, ISRG Executive Director, explains in a blog post.

Although its certificates have already been abused by cybercriminals for nefarious purposes, the initiative’s goal to “encrypt 100% of the Web” by offering free certificates has inspired others too, with Amazon already offering free certs as well. However, Let’s Encrypt might turn out to be more of a placebo effect than an actual security solution, F5 Networks’ David Holmes explains in a SecurityWeek column.

Earlier this week, WordPress announced that HTTPS is available for all blogs and domains hosted on WordPress.com, and that Let’s Encrypt made this security enhancement possible. For the past two years, the popular content management system has been supporting encryption for sites using WordPress.com subdomains.

Let’s Encrypt is not the only organization committed to bringing HTTPS to more areas of the web, to make the Internet a more secure place. Google too is promoting secure connections by favoring HTTPS pages over their unencrypted counterparts, and recently announced it is monitoring the use of HTTPS on the world’s top 100 sites.

Advertisement. Scroll to continue reading.

Commenting on Let’s Encrypt’s new milestone, Todd Moore, Vice President of Encryption Product Management at Gemalto, said: “We’re very proud to be a Gold Sponsor for Let’s Encrypt which leverages our industry-leading hardware security modules to protect their certificate authority system. Encryption by default is critical to privacy and security, and by working with Let’s Encrypt Gemalto is helping to deliver trust for the digital services that billions of people use every day.”

 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.