Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Peter Eckersley writes: Today EFF, Mozilla, Cisco, and Akamai announced a forthcoming project called Let's Encrypt. Let's Encrypt will be a certificate authority that issues free certificates to any website, using automated protocols (demo video here). Launching in summer 2015, we believe this will be the missing piece that deprecates the woefully insecure HTTP protocol in favor of HTTPS.

Replace Cisco, and Akamai and then maybe..

[denis-The-menace]

Replace Cisco, and Akamai and then maybe I'll be convinced it's better than the current situation. But it's still oxymoronic service: A central authority that *REQUIRES* trust for people who don't trust anybody.

And what do you do for countries with draconian Cert laws like England? (They want a copy of your root cert)

The resulting entity would have to be incorporated in Iceland or something. FAR away from 5-eye's dragnets.

Shared hosting...

[The_Systech]

I see nothing in here about how they plan to address shared web hosting. To me that's always been more of an issue than the cost of the certificate.... Current implementations of SSL requires one certificate to be bound per IP address, and there is no "hostname" request from the browser like there is with HTTP. When I can pick up a certificate for less than $20 per year, the cost of the certificate is not going to hold me back... The fact that I can't install the certificate on my "Shared hosting" website, would however.