Slashdot Mirror


"Let's Encrypt" Project To Issue First Free Digital Certificates Next Month

An anonymous reader writes: Let's Encrypt, the project that hopes to increase the use of encryption across websites by issuing free digital certificates, is planning to issue the first ones next month. Backed by the EFF, the Mozilla Foundation, the Linux Foundation, Akamai, IdenTrust, Automattic, and Cisco, Let's Encrypt will provide free-of-charge SSL and TLS certificates to any webmaster interested in implementing HTTPS for their products. The Stack reports: "Let's Encrypt's root certificate will be cross-signed by IdenTrust, a public key CA owned by smartphone government ID card provider HID Global. Website operators are generally hesitant to use SSL/TLS certificates due to their cost. An extended validation (EV) SSL certificate can cost up to $1,000. It is also a complication for operators to set up encryption for larger web services. Let's Encrypt aims to remove these obstacles by eliminating the related costs and automating the entire process."

97 comments

  1. StartSSL ? by Anonymous Coward · · Score: 5, Informative

    StartSSL has already been doing this. I believe Let's Encrypt's real goal is to make the deployment and upkeep easier?

    1. Re:StartSSL ? by bitwise+counselor · · Score: 5, Informative

      StartSSL has already been doing this. I believe Let's Encrypt's real goal is to make the deployment and upkeep easier?

      StartSSL offers free certificates for non-commercial use only, and they charge more than a certificate from another CA to revoke your certificate ($24.90 ATM).

    2. Re:StartSSL ? by phantomcircuit · · Score: 2

      StartSSL is great, but not entirely free of cost.

      StartSSL certs are not free to commercial entities.

      StartSSL charges for certificate revocation.

    3. Re:StartSSL ? by Anonymous Coward · · Score: 0

      StartSSL does not offer free wildcard certs. As a site with quite a few subdomains, I need wildcard in order to be practical. I hope this new one will do free wildcard.

      Unfortunately, one problem they can't help me with is advertisers who refuse to serve over https thus making using even free certs expensive in lost ad revenue.

    4. Re:StartSSL ? by Anonymous Coward · · Score: 0

      I tried using StartSSL... Their site was very slow, too complicated and confusing to use, didn't work properly on non-Windows OSes.

    5. Re:StartSSL ? by Spazmania · · Score: 1, Informative

      It works fine on non-Windows OSes and has no particular speed problems that I've observed.

      It is, as you say, complicated and confusing to use. They send a browser certificate you have to use to authenticate which basically nobody else does, and the process for using it is clunky. Then you have to find the sign-this-certificate functionality which while not exactly hard is also not exactly obvious.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.

    6. Re: StartSSL ? by Anonymous Coward · · Score: 0

      Hmm, I got my wildcard certs from StartSSL?

    7. Re:StartSSL ? by viperidaenz · · Score: 4, Informative

      letsencrypt doesn't plan on offering wildcard certs initially. They may do so later.

      Why this /. post links to a no-name news website instead of https://letsencrypt.org/ I don't know... that information was readily available in their FAQ.

    8. Re:StartSSL ? by Anonymous Coward · · Score: 0

      Yeah. Fuck StartSSL and their revocation fees.

    9. Re:StartSSL ? by Lunix+Nutcase · · Score: 2

      It's pretty obvious. Someone wanted ad impressions for their site.

    10. Re:StartSSL ? by Anonymous Coward · · Score: 0

      You can use it for commercial purposes, it's just basic domain validation.

    11. Re:StartSSL ? by krelvin · · Score: 2

      StartSSL sucks. Renewing a cert they said I had to have a Level 2 Cert instead because I had a PayPal link on the site.

      Switched everything over to NameCheap SSL PositiveSSL, which costs money but doesn't play games, is very quick for approvals etc...

    12. Re:StartSSL ? by Anonymous Coward · · Score: 3, Interesting

      StartSSL are free for commercial use. They don't charge to revoke their paid EV certs. The revocation thing really is a bad policy but to be fair you can get around it by just applying for a new cert for a different subdomain - and they encourage you to do this in their documentation. The certs are valid for the domain itself and the subdomain need not exist. Non-EV certs are typically only employed for encryption rather than validation purposes so this is a fine solution as long as you host your site on the domain itself.

    13. Re:StartSSL ? by Anonymous Coward · · Score: 0

      With no costs and extremely simple setups, the need for a wildcard cert may go away entirely.

    14. Re:StartSSL ? by Anonymous Coward · · Score: 1

      Revocation isn't only useful because you stopped using it or lost the key, it's extremely useful when you think the private key may have been stolen and someone else is masquerading as your domain with their own site. Or someone else was somehow able to obtain a cert for your site which was not authorized.

      Does a new certificate automatically revoke an old one on the same domain, such that you can only have one cert per domain? That would be the question.

    15. Re:StartSSL ? by Lennie · · Score: 3, Informative

      "So now there is another option: The Chinese CA WoSign offers free SSL certificates which are valid for 2 years and may contain up to 100 domains each (multi-domain/SAN/UCC)"

      https://buy.wosign.com/free/
      https://www.ohling.org/blog/20...

      --
      New things are always on the horizon

    16. Re:StartSSL ? by operator_error · · Score: 2

      Gotta agree, StartSSL has a serious business model that really does work in their best interest. Yeah, sure they give out free certs, until/unless you have the slightest 'professional' website, (like a portfolio site, with the sole intent of landing a job for example), and as others have pointed out, revocations cost more than a certificate from someone else to begin with.

      Why is that part about revocations an issue in the first place you might ask? Because their poor user interface leads you to make a mistake that can only be undone with a revocation, of course. Stay away from StartSSL and just pay good money for a cheap cert somewhere; a wildcard cert if need be.

      I learned this lesson the hard way *trying* to use StartSSL myself, and I have serious regrets having done so, especially after having to cough up all the documentation like a scan of my passport and more. You have been warned.

      In contrast, the new service from 'Let's Encrypt' looks like a well-deserved breath of fresh air, and I can appreciate their list of business partners, especially EFF, the Mozilla Foundation, and the Linux Foundation.

    17. Re:StartSSL ? by Anonymous Coward · · Score: 0

      Unfortunately, one problem they can't help me with is advertisers who refuse to serve over https thus making using even free certs expensive in lost ad revenue.

      Please name and shame these advertisers (I've never come across any major ones - just self-described "web desigineers" who are clueless). Why would you build a business on the back of such dodgy revenue streams?

      Demonoid Penguin - moderating (I used my last point upvoting the post pointing to the free Chinese 2 year cert site)

    18. Re:StartSSL ? by Demonoid-Penguin · · Score: 1

      I tried using StartSSL... Their site was very slow, too complicated and confusing to use, didn't work properly on non-Windows OSes.

      While I agree it's not a well designed site, and their service is slow, at least it separates the dangerously ill-informed from the clicketty, clicketty no-thoughts. For which reason I won't link to a much easier site that also does free limited time period certificates from a much better known vendor - as almost all the sites that use those free certs offer visitors insecure SSL ciphers, many are malware vectors because they're built by the clueless (WordPress - too damn easy to shoot foot and visitors), and it's commonly used on one-man "websight" "company" sites - that use tables. If you can't navigate the StartSSL site you're going to have trouble managing the keys securely, and have little hope of properly configuring your SSL ciphers. If that sounds harsh - it's meant to be (did you even try reading the StartSSL FAQs? Do you know what a browser cert is?) i.e. plan, research, review, test, deploy - not impulse, click.
      The rest of us have no problems with the StartSSL site. I've been using it for years for several hundred free SSL and email certs (for pro-bono websites). Browsers used - Iceweasel, Konqueror and Qupzilla.

    19. Re:StartSSL ? by Anonymous Coward · · Score: 0

      Mostly smaller agencies. As I run an adult site, I can't really use any of the major ones.

      And unfortunately demand isn't high enough lately to drop the ones that don't cooperate with https.

    20. Re:StartSSL ? by Anonymous Coward · · Score: 1

      StartSSL is great, but not entirely free of cost.

      True, you still pay for EV certificates and for revocations.

      StartSSL certs are not free to commercial entities.

      Bullshit. We've been using them for > 5 years.

      StartSSL charges for certificate revocation.

      Yes, to discourage dodgy entities from registering for a day.

    21. Re: StartSSL ? by Anonymous Coward · · Score: 0

      A free one?

    22. Re:StartSSL ? by enter+to+exit · · Score: 1

      I am tired of hearing about StartSSL and others giving "free" certificates whenever the need for a better solution is raised.

      They are all loss leader products. You are suggesting we rely on a third party commercial entity for a free solution. A solution that may be unsustainable for that entity if large numbers of people choose it or the business changes. It's not actually a long term solution.

      I am amazed that people are so willing to recommend a product like this as a viable solution to the certificate problem.

    23. Re:StartSSL ? by Martin+Blank · · Score: 3, Informative

      They do some basic research on the domain to see if there are commercial aspects. I've had two domains that are entirely non-commercial turned down because they were allegedly found to be commercial. (When I protested, they had me go back through the validation process and then let them pass.)

      --
      You can never go home again... but I guess you can shop there.

    24. Re:StartSSL ? by dargaud · · Score: 2

      I used StartSSL to obtain a certif for my small website when they came up. Spent a while to learn the procedure. A year later I had to redo it all when it expired. Pain in the ass, so I gave up. There should be either: long duration certificates (just like you can get a domain for 10 years), or a shell script that you can cron on your server that will renew automatically yearly.

      --
      Non-Linux Penguins ?

    25. Re:StartSSL ? by AmiMoJo · · Score: 2

      The problem with all these options is that the CAs are based in states where they could be coerced into producing bogus certs for the government to use for spying and cyber attacks. Do you trust the US or China not to do that?

      Hopefully Let's Encrypt will find a few more CAs to partner with around the world, so at least people have a choice of who they want to be screwed by.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC

    26. Re:StartSSL ? by Bob+the+Super+Hamste · · Score: 1

      So that is how the /. editors are making a living and spending their time.

      --
      Time to offend someone

    27. Re:StartSSL ? by Lennie · · Score: 1

      Let's think that through for a moment, the real conclusion is:
      It does not matter which CA gets coerced.

      A real solution to this problem that actually works in modern browsers (Chrome 38+, Firefox 35+) is (even if not for every site, only for sites you regularly visit): HTTP Public Key Pinning

      http://blog.rlove.org/2015/01/...
      ___

      I don't know if Let's encrypt needs any other CAs to partner with.

      Their software is open source and their protocol is described and open. Other CAs can offer the same service.

      --
      New things are always on the horizon

    28. Re:StartSSL ? by Anonymous Coward · · Score: 0

      So you think StartSSL should be responsible for *your* fuckup of losing your key? Typical entitled brat.

    29. Re:StartSSL ? by NetCow · · Score: 1

      StartSSL are free for commercial use.

      No, they are not, if you're referring to their free Class 1 certificates. They used to be up until 2012, but that policy changed back then. Commercially using their Class 1 certificates is prohibited by StartCom. See StartCom Certificate Policy & Practice Statements (warning: PDF) section 3.1.2 "Classes of digital X.509 Certificates" paragraph 1. Quoting from there (emphasis mine):

      Class 1 Certificates provide modest assurances that the email originated from a sender with the specified email address or that the domain address belongs to the respective server address. These certificates provide no proof of the identity of the subscriber or of the organization.

      Class 1 certificates are limited to client and server certificates, whereas the latter is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in obtaining or relaying sensitive information such as health records, financial details, personal information etc.

    30. Re:StartSSL ? by NetCow · · Score: 1

      Does a new certificate automatically revoke an old one on the same domain, such that you can only have one cert per domain? That would be the question.

      Nope, it doesn't. Their interface for non-EV certs simply doesn't let you emit a new certificate if you already have emitted a non-expired non-revoked one for the same CN. You can easily get around this limitation, though, by emitting for another CN within the same domain and adding the old domain as a Subject Alternative Name in the extensions section.

    31. Re:StartSSL ? by NetCow · · Score: 1

      StartSSL certs are not free to commercial entities.

      Unfortunately, you are factually wrong. Their Class 1 certs used to be free for commercial purposes up until 2012, but that policy changed back then. See StartCom Certificate Policy & Practice Statements (warning: PDF) section 3.1.2 "Classes of digital X.509 Certificates" paragraph 1. Quoting from there (emphasis mine):

      Class 1 Certificates provide modest assurances that the email originated from a sender with the specified email address or that the domain address belongs to the respective server address. These certificates provide no proof of the identity of the subscriber or of the organization.

      Class 1 certificates are limited to client and server certificates, whereas the latter is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in obtaining or relaying sensitive information such as health records, financial details, personal information etc.

  2. cacert.org? by Anonymous Coward · · Score: 1

    I wonder how this differs from the existing free offerings provided by cacert.org.

    1. Re:cacert.org? by lart2150 · · Score: 5, Informative

      cacert.org is not trusted by Windows, OS X, Mozilla, and others, where Let's Encrypt will be thanks to a cross-signed cert. cacert.org's root certificate is also still using MD5, so it's unlikely that its current root cert ever will or should be trusted. Let's Encrypt will do all of the work of creating and renewing certificates with the use of their command line tool.

  3. Shared hosting by Anonymous Coward · · Score: 0

    There is still the problem of shared hosting where they force you to use their own certificates which aren't free.

    1. Re:Shared hosting by Jason+Levine · · Score: 4, Informative

      If you're on shared hosting, you should get off ASAP. I used to have a few sites on shared hosting and we'd either a) be impacted by other users using too many resources or b) be threatened with disconnection by the host for using too many resources. The sites were small and not using that much in the way of resources, but shared hosting is tossing a thousand people into a pool and then kicking out the ones who try to swim the slightest bit. The hosts can do this because they know that there's a line of people ready to jump in to take the place of those kicked out.

      Instead of going the shared hosting route, get a Virtual Private Server. It won't set you back that much. I pay $34 a month - and that's for managed hosting, unmanaged is much cheaper if you're comfortable managing the server yourself. Yes, this is more money than the $2 a month for "unlimited" space/bandwidth shared hosting, but you'll actually get what you pay for instead of being crammed together with a thousand other sites on an overloaded server.

      (You could get a Dedicated Server, but these cost a lot more and only make sense for the biggest of websites. Get a VPS first and if your site grows to the point that it needs a dedicated box, then congrats.)

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.

    2. Re:Shared hosting by mlts · · Score: 1

      I prefer the VPS route, just because it gives some separation of data between myself and others. A shared hosting provider may have things (mis)configured to where a simple change in directory might allow another user access (if not modification) to my stuff, especially if they happen to find a way to get a shell.

      Of course, VPSes are not perfect -- they can get hacked, but one has the ability to add 2FA and other items if need be.

      Of course, there is one drawback... a lot of VPS sites don't allow you to set a cap on bandwidth used, so a DDoS might cost one dearly in money.

    3. Re:Shared hosting by mr_mischief · · Score: 1

      There are problems with shared hosting, but this isn't one of them. That's a problem with specific shared hosting vendors. HostGator for one will install a cert for you that you bought somewhere else, or at least they used to.

    4. Re:Shared hosting by fnj · · Score: 1

      VPSs have exactly the same situation. You end up on an overloaded host with other VPSs hogging CPU and bandwidth like crazy, and they hate you if YOU use too much.

      Where the VPS wins is that you have your own IP, so other users can't get that IP blacklisted (unless the whole block gets blacklisted).

    5. Re:Shared hosting by fnj · · Score: 1

      Which is why you choose a VPS provider who offers unlimited bandwidth. They exist, and they are the only safe VPSs to run.

    6. Re:Shared hosting by Anonymous Coward · · Score: 0

      [[Citation Needed]]

    7. Re:Shared hosting by Anonymous Coward · · Score: 0

      I pay £3.99 for a VPS in the UK with five sites running on it, and my sites are as fast as any other site I've ever visited. I also use SSL certificates from StartSSL which only cost me something like £3-£4 per YEAR, when I buy three years at a time.

      So how is "Website operators are generally hesitant to use SSL/TLS certificates due to their cost." from the summary, true?

    8. Re:Shared hosting by Anonymous Coward · · Score: 0

      http://lowendbox.com/?s=unmetered&searchsubmit=Find

      Did you even try google?

    9. Re:Shared hosting by guruevi · · Score: 1

      VPS has the same problem as shared hosting amongst the majority, especially the 'cheap' VPS. Shared hosting == VPS and Shared Hosting is way more resource-friendly to the hosting company.

      A good VPS is nicer to have than a shared host because you're (generally) not locked to a specific operating system or software stack but if you're just doing static or simple PHP content you may be better off with a good shared host than a similar cost VPS.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com

    10. Re:Shared hosting by Demonoid-Penguin · · Score: 1

      There is still the problem of shared hosting where they force you to use their own certificates which aren't free.

      If you're referring to HostGator and their ilk:-

      • they don't force you to use their SSL certs (have you read the documentation?)
      • It's hard to take complaints seriously from anyone who does use their sites and then complains. Did you do any research prior?

      You can rent an SSD based VPS in the country of your choice, and host half a dozen sites on it for around the same price (each). If you need cPanel maybe you shouldn't be thinking about running a site that needs SSL.

      P.S. Real "unlimited" is only available on services run by the Easter Bunny and Santa Claus - as you'll find out if you ever get any real traffic on those cheap shared hosting sites.

    11. Re:Shared hosting by Demonoid-Penguin · · Score: 1

      a lot of VPS sites don't allow you to set a cap on bandwidth used

      Can you expand on that please? What VPS manages to override basic Linux bandwidth and quota tools - and what mechanism enables them to do this? Certainly I've never had any problems setting quota and limiting bandwidth for virtual hosts on any of our VPS - across a wide range of different providers. Likewise QoS.

    12. Re:Shared hosting by Demonoid-Penguin · · Score: 1

      http://lowendbox.com/?s=unmetered&searchsubmit=Find

      That's not the full truth, it's Bullshit. Yes there are no shortage of companies claiming to offer unlimited and unmetered. But claims and reality are different things. Try testing it (or read the fine print). If you like I'm happy to prove that to you any time you like. I'll supply the public key, you supply the ssh login and configure the proxy, and I'll see how many hours it takes before your default web page gets changed to a notice from your unlimited/unmetered host or they choke your bandwidth to a trickle.

      And yes - I've used the VPSCheap offer - it took two hours before they choked the unmetered 1000MB bandwidth down to 15MB and sent us a warning email. Maybe you didn't read the weasel fine print (VPSCheap.NET INC makes no warranties of any kind, expressed or implied for services we provide.) on the Terms of Service or simply failed to check your facts. It's not unreasonable - bandwidth isn't free, what's unreasonable is offering something they won't deliver.
      Warning: they won't honor the 30 days money back when they fail to deliver either.

      Before you cry "you must of been doing something illegal"... a promise is a promise. And no, just OpenStack and virtualbox images from our e2, and video streams from remote monitoring sites - all perfectly legal.

      P.S. Google isn't a real university, and just because you can read a web page doesn't make you less uninformed.

    13. Re:Shared hosting by Anonymous Coward · · Score: 0

      I have been happy with NearlyFreeSpeech.net for years - if you're a low-volume site, you pay very little per month; your costs directly link to the resources you use. Plus I just like their attitude even though none of my sites are in the least controversial.
      I also have an account with Dreamhost, for my vanity site - 65+ GB of photos & videos, but very little traffic, plus a number of other little domains, for $99/year is great for that use case.

    14. Re:Shared hosting by Anonymous Coward · · Score: 0

      There are decent shared hosting providers. ...or at least one. https://www.nearlyfreespeech.net/

      Since they're "pay for what you use" they won't kick you off for using too much, as it just means that they make more money. As for cost, minus the domain renewal fees, I've paid $17.04 for the last 12 months. That's not per month, that's for the whole year. Over the last year I've averaged over 2 GB/month of data transfer and at present I'm using more than 500 MB of disk space. I can't say what it would cost to run a particularly popular web site as I don't have one, but the $34/month you're paying for a VPS would pay for 24x the web hosting I'm presently paying for, so I imagine it would still be cost-effective.

      They also support IPv6, which seems to be rather rare given that when I disable IPv4 I can't access much of anything outside of Google, YouTube, Facebook, and my own web sites. Even one of the IPv6 test web sites doesn't work when IPv4 is disabled.

    15. Re:Shared hosting by Anonymous Coward · · Score: 0

      ...and now that I've checked their forum, I see that the owner has this to say about Let's Encrypt:

      Yes, I'm really hoping their automation will be strong enough to let us integrate it and just do this by default. (Assuming it all works out of course.)

      They're a cool web host.

  4. Grand opening! by Krishnoid · · Score: 4, Funny

    Let's Encrypt, a division of Shell Company, LLC., a wholly-owned subsidiary of Totally Not The NSA, Inc.

    1. Re:Grand opening! by Dagger2 · · Score: 1

      You can sign SSL certificates without ever knowing the private part of the cert, so it's possible to set things up such that it's obvious that they're not leaking the private part of your certs to the NSA.

      Whether they will actually do that or not remains to be seen.

    2. Re:Grand opening! by Anonymous Coward · · Score: 1

      When you submit a CSR (Cert Signing Request), you generate the private key and keep it private; all you submit to the CA is the public key, which they sign. They never see the private key.

    3. Re:Grand opening! by joetroyer4077 · · Score: 1

      Let's Encrypt, a division of Shell Company, LLC., a wholly-owned subsidiary of Totally Not The NSA, Inc.

      Is slashdot going to do this?

    4. Re:Grand opening! by Frobnicator · · Score: 5, Informative

      Let's Encrypt, a division of Shell Company, LLC., a wholly-owned subsidiary of Totally Not The NSA, Inc.

      You seem to misunderstand the purpose and nature of these certificates. While it is fun as a joke, that isn't what it is for.

      These certificates never have been meant to protect against either government agencies or against employers. It has always been known by security geeks that any intermediate actor in the chain can eavesdrop and can intercept the connection. That is not what they protect against. They protect by revealing the links in the chain.

      SSL is intentionally vulnerable for those implementing a MitM attack, and many businesses and schools implement this. Quite a few major networking products have simplified MitM down to the point of simply hitting a checkbox. One of the biggest corporate reasons for this is to enable caching.

      SSL is absolutely vulnerable to being (eventually) deciphered by anyone who eavesdrops, and is vulnerable to being modified by any person holding a matching cert for any point on the certificate's security chain. There are many accounts that major governments already have copies of those critical points.

      So what does it offer? The most immediate benefits are replay prevention and an integrity guarantee. Imagine if an attacker recorded a session of you logging into your bank and transferring funds. Without replay protection, and with no other replay protections by the bank, an attacker could replay the transaction over and over and over again, draining your bank account. Since both client and server theoretically offer unique session keys for each session they cannot be replayed. The integrity guarantee is also important, meaning that once your connection is established, those monitoring your connection cannot modify it without it being detected. The integrity guarantee is fairly weak and easily subject to MitM exploits unless properly configured with EV certificates or using two-way TLS and requiring mutual authentication. Basically you can detect all the links in the chain, but if one of those links is already compromised that isn't the protocol's fault. If someone inside your trust chain is intercepting and re-encoding your messages, the protocol won't stop it; all it will show is the person is a link in the authentication chain.

      It also offers a moderate degree of protection for authentication that the host you are connecting to matches who they claim to be; that is, with a TLS or SSL connection to example.com, if you know the certificate, then you have an authentication chain that the site matches. Just like the integrity guarantee, the protocol shows you all the links and nothing more. You still need to watch out for weak links. If one of the links in the certificate chain includes your corporate proxy or school's servers then you should assume that link in the chain is compromised, which is the most common MitM attack.

      The protection most people think of -- the protection from eavesdropping -- is only a very weak protection and not guaranteed by the protocol. The encryption adds a cost to any eavesdroppers not part of the security chain, but for most of the encryption protocols that protection is minimally overcome with a large budget.

      --
      //TODO: Think of witty sig statement

    5. Re:Grand opening! by tattood · · Score: 3, Interesting

      When you submit a CSR (Cert Signing Request), you generate the private key and keep it private; all you submit to the CA is the public key, which they sign. They never see the private key.

      If this were really run by the NSA, they could quite easily create their own signed certificate and install it on an SSL decryption proxy, and then they can SSL man-in-the-middle your website to see what your website is doing. Since the "fake" signed certificate is signed by the same CA that the real one is, nobody would know the difference unless you look at the cert's serial number and fingerprint.

      --
      WTB [sig], PST!!!

    6. Re:Grand opening! by chihowa · · Score: 1

      Can you just request certificate signing from them, though?

      It looks like they really want to run their software on your server. Software which, while open source, has access to much of your system and a continuous connection to their server.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.

    7. Re:Grand opening! by Anonymous Coward · · Score: 0

      dingdingding winner. Not saying that via NSLs the agency does not currently get these types of certs from other currently existing CAs currently.

    8. Re:Grand opening! by Krishnoid · · Score: 1

      You seem to misunderstand the purpose and nature of these certificates. While it is fun as a joke, that isn't what it is for.

      Yup. Thanks for the detailed explanation -- it's a distinction that's not made explicitly clear to the layperson.

    9. Re:Grand opening! by guruevi · · Score: 1

      Exactly, it has been rumored that VeriSign actively cooperates with MITM attacks.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com

    10. Re:Grand opening! by Cyberax · · Score: 1

      Yes. And they most definitely DO NOT need continuous access. The 'software' you're speaking about is simply a set of scripts to handle the domain ownership verification and certificate issue. It doesn't need access to anything but your HTTPD configuration files and/or DNS.

    11. Re:Grand opening! by Anonymous Coward · · Score: 0

      Rumored?

      According to Wikipedia: "Verisign, Inc. is an American company based in Reston, Virginia, United States".

      So they don't really get to choose. They either actively cooperate, or they go to prison. It's called "National Security Letters", and they aren't even allowed to tell you.

    12. Re:Grand opening! by Lennie · · Score: 1

      Public key pinning has been part of Firefox for a few releases now:
      https://developer.mozilla.org/...

      I believe Chrome supports it or will support it soon.

      This can solve that problem for sites you regularly visit: a fake certificate signed by a valid CA cannot be used to dupe your browser into trusting their fake certificate.

      --
      New things are always on the horizon
    13. Re:Grand opening! by Dagger2 · · Score: 1

      You'd know the difference, because the fingerprint of the cert wouldn't match the one in DANE.

      Except nobody supports that, because closing that particular hole apparently isn't important...

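Worked example for the three points above (the "same CA, different serial and fingerprint" remark, public key pinning, and DANE). This is added code, not from the thread and not Let's Encrypt's tooling; it assumes only the openssl command-line tool, and every name in it (the test CA, example.test, the file names) is made up. A throwaway CA issues two certificates for the same hostname; a chain check accepts both, while the serial, the certificate fingerprint, the HPKP-style SPKI pin and the DANE "3 1 1" digest each tell them apart.

```shell
#!/bin/sh
# Added example, not code from the thread or from Let's Encrypt. Builds a
# throwaway CA, issues two certificates for the same name from it, and shows
# that a chain check accepts both while a pinned SPKI hash, a DANE-style
# TLSA digest, or the serial/fingerprint tells them apart.
# Assumes the openssl command-line tool is installed; all names are made up.
set -eu

# make_ca DIR: self-signed root for the example (constructed, never trust it)
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 2 \
    -subj "/CN=Example Test CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" >/dev/null 2>&1
}

# issue_leaf DIR NAME: certificate for example.test signed by that CA.
# Run twice, this models the real certificate and a second one obtained
# from the same CA by someone else.
issue_leaf() {
  openssl req -newkey rsa:2048 -nodes -sha256 \
    -subj "/CN=example.test" \
    -keyout "$1/$2.key" -out "$1/$2.csr" >/dev/null 2>&1
  openssl x509 -req -sha256 -days 1 -in "$1/$2.csr" \
    -CA "$1/ca.pem" -CAkey "$1/ca.key" -CAcreateserial \
    -out "$1/$2.pem" >/dev/null 2>&1
}

# chain_ok DIR NAME: what a browser checks: does the CA vouch for it?
chain_ok() {
  openssl verify -CAfile "$1/ca.pem" "$1/$2.pem" >/dev/null 2>&1
}

# cert_serial FILE / cert_fingerprint FILE: the per-certificate values
cert_serial() {
  openssl x509 -in "$1" -noout -serial | cut -d= -f2
}
cert_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# spki_der FILE: the SubjectPublicKeyInfo, which is what pins hash
spki_der() {
  openssl x509 -in "$1" -noout -pubkey | openssl pkey -pubin -outform der
}

# spki_pin FILE: base64(SHA-256(SPKI)), the pin-sha256 form used by HPKP
spki_pin() {
  spki_der "$1" | openssl dgst -sha256 -binary | openssl base64 -A
}

# tlsa_3_1_1 FILE: hex SHA-256 of the SPKI, the "3 1 1" TLSA record form
tlsa_3_1_1() {
  spki_der "$1" | openssl dgst -sha256 | awk '{print $NF}'
}

# pin_matches EXPECTED FILE: the client-side check a pin or TLSA record enables
pin_matches() {
  [ "$(spki_pin "$2")" = "$1" ]
}

demo() {
  d=$(mktemp -d)
  make_ca "$d"
  issue_leaf "$d" real
  issue_leaf "$d" fake
  for n in real fake; do
    chain_ok "$d" "$n" && echo "$n.pem: chain valid (serial $(cert_serial "$d/$n.pem"))"
    echo "  fingerprint $(cert_fingerprint "$d/$n.pem")"
    echo "  Public-Key-Pins: pin-sha256=\"$(spki_pin "$d/$n.pem")\"; max-age=2592000"
    echo "  _443._tcp.example.test. IN TLSA 3 1 1 $(tlsa_3_1_1 "$d/$n.pem")"
  done
  pin=$(spki_pin "$d/real.pem")
  pin_matches "$pin" "$d/fake.pem" || echo "fake.pem: chain valid but pin mismatch, rejected"
  rm -rf "$d"
}

demo
```

The pin hashes the SubjectPublicKeyInfo rather than the whole certificate, so a legitimate renewal that keeps the same key still matches while a certificate with a different key, from the same CA or any other, does not. A pin only helps for a site the client has already seen (or carries a preloaded pin for), which is the "sites you regularly visit" caveat above; the TLSA form moves the same digest into DNS so a first visit can be checked too, but only if the client looks it up.
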
    14. Re:Grand opening! by chihowa · · Score: 1

      And they most definitely DO NOT need continuous access. The 'software' you're speaking about is simply a set of scripts to handle the domain ownership verification and certificate issue. It doesn't need access to anything but your HTTPD configuration files and/or DNS.

      That's not entirely true, at least in the long term. Domain ownership verification could be done entirely through the configuration files or through access to the served content. They claim to handle revocation and reissue of certificates through their site as well, which is going to require at least some sort of polling from your server.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    15. Re:Grand opening! by Cyberax · · Score: 1

      Yes, they retrieve a special page or DNS name to verify that you actually control the domain. In essence, they do a three-way handshake using HTTP web pages instead of TCP packets.

      However, once you establish the domain ownership, you don't need these special pages anymore - instead you'll use a self-signed certificate to authenticate to the "Let's Encrypt" servers for all operations (which include certificate revocation). No need for them to poll anything.

      As far as I understand, the authentication should last for several months and certificates will be issued for a fairly short period (months to 1 year), so you'll have to periodically re-authenticate yourself to renew your certificates. But again, in this case you personally initiate the exchange - EFF won't simply do polling on their own.

  5. TSL? by Anonymous Coward · · Score: 0

    That's a new one!

  6. https by fustakrakich · · Score: 1

    Why should I trust that?

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:https by lart2150 · · Score: 1

      Worst case it's no worse than http. There have been a few http headers that help with pinning so a compromised CA will be detected sooner.

    2. Re:https by Anonymous Coward · · Score: 0

      HTTP clients don't force you to click some stupid warning or add --no-check-certificate because the date is wrong/the certificate has expired/etc

    3. Re:https by fustakrakich · · Score: 1

      The 'certs' are tracking cookies. It involves unknown third parties that I am expected to trust because they have an authoritative looking logo. In the states I would rather have the post office issue the certificates. It would put them on the same level of our currency and postage and tax stamps. At least there we can apply real public oversight, in theory of course... you know, in case we want to actually start watching over the government.

      --
      “He’s not deformed, he’s just drunk!”
  7. So what's Slashdot's excuse for not using https? by Anonymous Coward · · Score: 1

    Slashdot could cough up the money for an SSL cert. So why isn't all Slashdot traffic encrypted then?

    1. Re:So what's Slashdot's excuse for not using https? by armanox · · Score: 1

      So that you can do this:

      telnet slashdot.org 80

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    2. Re:So what's Slashdot's excuse for not using https? by Anonymous Coward · · Score: 1

      So that you can do this:

      telnet slashdot.org 80

      One could just as well do this:

      openssl s_client -connect slashdot.org:443

  8. Oh yeah I'm going to trust these names by Anonymous Coward · · Score: 0

    Akamai and Cisco are involved. Your data will be "safe" and not shared with anyone, except everyone.

    1. Re:Oh yeah I'm going to trust these names by viperidaenz · · Score: 1

      Which is fine, because you never share your private key with them anyway.

    2. Re:Oh yeah I'm going to trust these names by Anonymous Coward · · Score: 0

      You are an idiot. At least understand what you are being pissy about.

  9. Maybe it will be enough ... by EagleRider70 · · Score: 3, Funny

    Maybe it will be enough to get you guys at Slashdot to do it! ;-)

  10. Automated security by bluefoxlucid · · Score: 1

    How do they verify you're not hijacking a Web site? What if you block HTTPS (there's no https server!) and submit a CSR, and it tries to verify a cookie on the associated HTTP site, which you're MITMing and so can replace by inserting your cookie?

    1. Re:Automated security by tlhIngan · · Score: 2

      How do they verify you're not hijacking a Web site? What if you block HTTPS (there's no https server!) and submit a CSR, and it tries to verify a cookie on the associated HTTP site, which you're MITMing and so can replace by inserting your cookie?

      Easy. Let's Encrypt doesn't give you a certificate (at least not easily). What you need to do is to run a daemon on your server. That daemon will connect to Let's Encrypt to request the certificate, and on the server end, they verify the IP the daemon is connecting from matches that of your domain (e.g., if you want www.example.com, the daemon will connect from your http server IP, and the Let's Encrypt server will check that the daemon IP is the same as www.example.com before issuing you a certificate).

      From there, if the daemon supports your http server (Apache, Nginx), it will automatically install the certificate and configure your server (or it can be a front end service listening on 443 proxying your server). If it's not supported, then it'll give you a certificate you install manually.

      Since the whole process is automated, it very well could issue you only 1 month long certificates since the daemon is supposed to automatically fetch and renew the certificate.

    2. Re:Automated security by Anonymous Coward · · Score: 0

      the daemon will connect from your http server IP, and the Let's Encrypt server will check that the daemon IP

      That's wrong.

    3. Re:Automated security by bluefoxlucid · · Score: 1

      If you're running man-in-the-middle, you can intercept IP connections to the correct IP address and respond as if that server were running the daemon.

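Worked example of the domain-control check discussed in this thread and described earlier by Cyberax ("they retrieve a special page or DNS name to verify that you actually control the domain"). This is added code, not from the thread and not Let's Encrypt's client or server; it is modelled on the HTTP challenge of the ACME protocol Let's Encrypt uses, run entirely offline: the web root is a directory, the CA's fetch is a file read, and the account thumbprint is simplified to a hash of the public key DER (ACME hashes a canonical JWK). It assumes only the openssl tool, and all paths and names are made up. What it shows is that the CA never asks the site for anything it cannot recompute itself, and that the served response is bound to one account key, so a token or response obtained by another account does not help.

```shell
#!/bin/sh
# Added example, not code from the thread or from Let's Encrypt. Simulates the
# HTTP challenge offline: the CA hands out a token, the site must publish a
# response derived from that token and the site's ACME account key, and the
# CA compares what it reads back with what it computed itself.
# The web root is a directory and the CA's "fetch" is a file read; the real
# thumbprint is over a canonical JWK, simplified here to a hash of the public
# key DER. Assumes openssl is installed; all paths and names are made up.
set -eu

# account_thumbprint KEYFILE: digest of the account's public key. The CA
# knows this from registration, so it needs nothing from the site to compute it.
account_thumbprint() {
  openssl pkey -in "$1" -pubout -outform der 2>/dev/null \
    | openssl dgst -sha256 | awk '{print $NF}'
}

# ca_new_token: per-challenge random token; the CA stores it with the account
ca_new_token() {
  openssl rand -hex 16
}

# key_authorization TOKEN KEYFILE: TOKEN.THUMBPRINT, the body the site serves.
# Binding the thumbprint in means a response captured for one account is
# useless to another account that obtains its own token.
key_authorization() {
  printf '%s.%s' "$1" "$(account_thumbprint "$2")"
}

# client_respond WEBROOT TOKEN KEYFILE: what the webroot/HTTPD helper writes,
# served as http://<domain>/.well-known/acme-challenge/<token>
client_respond() {
  mkdir -p "$1/.well-known/acme-challenge"
  key_authorization "$2" "$3" > "$1/.well-known/acme-challenge/$2"
}

# ca_validate WEBROOT TOKEN KEYFILE: the CA reads the path for the account it
# issued TOKEN to and compares. Returns 0 only on an exact match.
ca_validate() {
  f="$1/.well-known/acme-challenge/$2"
  [ -f "$f" ] || return 1
  [ "$(cat "$f")" = "$(key_authorization "$2" "$3")" ]
}

demo() {
  d=$(mktemp -d)
  for who in owner attacker; do
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -out "$d/$who.key" 2>/dev/null
  done
  # Attacker asks the CA for example.test with its own account and gets a
  # token, but cannot write into the real web root, so nothing is served.
  t_attacker=$(ca_new_token)
  ca_validate "$d/www" "$t_attacker" "$d/attacker.key" && echo "attacker: passed?!" \
    || echo "attacker: nothing at well-known path, challenge fails"
  # Owner asks with its account, publishes the response, and passes.
  t_owner=$(ca_new_token)
  client_respond "$d/www" "$t_owner" "$d/owner.key"
  ca_validate "$d/www" "$t_owner" "$d/owner.key" && echo "owner: challenge passes"
  # Even with the owner's response on the site, checking it against the
  # attacker's account fails: the body carries the owner's thumbprint.
  ca_validate "$d/www" "$t_owner" "$d/attacker.key" \
    || echo "attacker: owner's response does not bind to attacker's key"
  rm -rf "$d"
}

demo
```

Nothing here depends on the client's source IP, and the site does not need an HTTPS listener during validation, since the check is a plain HTTP fetch of a path under /.well-known/. The DNS form of the challenge puts a digest of the same key authorization in a TXT record instead of a file. What a local simulation cannot show is the case raised above, an attacker sitting on the network path between the CA and the real server, who can answer the CA's fetch in the site's place; no file-level check defends against that, and the usual answer is for the CA to validate from several network vantage points.
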
  11. Cost is not the issue by Anonymous Coward · · Score: 0

    You can get cheap certs or roll your own. People aren't doing SSL because it's "hard" and you need a smidgen of attention to detail.

    1. Re:Cost is not the issue by viperidaenz · · Score: 1

      Probably why they're building tools that work with apache and nginx to automate the certificate bollocks.

    2. Re:Cost is not the issue by Anonymous Coward · · Score: 0

      So, no thttpd, lighttpd or pound?

  12. How is cost an issue at $4.99/yr ? by Anonymous Coward · · Score: 1

    I don't see how cost is an issue nowadays. At $5 a year anyone with a domain name and hosting can easily afford that. EVs are $150 a year, not cost prohibitive for those that need them. Let's Encrypt doesn't even support EV so not sure why it is even brought up as a comparison.

    The convenience of Let's Encrypt is nice however I don't see how most people can take advantage of this. It is a proxy daemon running on the server. So it needs to be installed and configured by the administrator of said server. It also takes over port 443 as a proxy, adding extra overhead and, more importantly, a layer of insecure transmission.

    I would like to see it (and I'm sure we will) as a cPanel and Plesk addon so users can easily add their certificates to their server's current configuration. Then I will see it as being very useful to the majority of people that don't have SSL certificates already installed. Since it is not the cost, but ease of use.

    1. Re:How is cost an issue at $4.99/yr ? by Anonymous Coward · · Score: 0

      What on earth are you talking about? That's only for the optional automated tool which you don't have to use.

  13. Good start by Anonymous Coward · · Score: 1

    Regular SSL certificates aren't that expensive. The EV certs are a ripoff. Unfortunately, Let's Encrypt will not support EV.

  14. IPv4 address exhaustion by tepples · · Score: 1

    Where the VPS wins is that you have your own IP

    How many people can have a VPS at the same time when we're already essentially out of IPv4 addresses?

  15. Because ad networks lagged by tepples · · Score: 1

    Because historically, ad networks have not supported TLS. Running HTTP ads on an HTTPS site will get blocked as "mixed active content". The first major ad network to deploy TLS was Google AdSense in September 2013, roughly thirteen years after SSL/TLS entered the public domain. Slashdot used to offer subscriptions and make HTTPS available to subscribers, but those are no longer available for some vague reason.

  16. Ad opening! by tepples · · Score: 1

    The ad network that Slashdot uses would have to support HTTPS first.

  17. More root diversity please. by Anonymous Coward · · Score: 0

    Let's Encrypt is a good idea but there should be a larger equivalent choice of roots to choose from.
    Hopefully there is nothing stopping other CA's using a similar method of certificate distribution.

    Having the majority of certificates rooted to the same supplier is a government's/spooks' wet dream.

    letsencrypt my.domain with my.ca

  18. but, i want ... by Skapare · · Score: 1

    ... a free PSK.

    --
    now we need to go OSS in diesel cars
  19. Let’s Encrypt’s root certificate will by Skapare · · Score: 0

    "Let’s Encrypt’s root certificate will be cross-signed by ..." I was expecting "NSA".

    --
    now we need to go OSS in diesel cars
  20. One of these things is not like the others by ThatsNotPudding · · Score: 1

    Backed by the EFF, the Mozilla Foundation, the Linux Foundation, Akamai, IdenTrust, Automattic, and Cisco

    Seriously? What are they contributing? Proprietary blobs? Screen Doors?

  21. Suitable for S/MIME? by chrish · · Score: 1

    Can these certs be used for S/MIME authentication, or could they be used to generate personal certs for S/MIME?

    We've started using S/MIME extensively at my office, and I'd like to be able to do it at home... it seems significantly easier than using PGP.

    --
    - chrish