Slashdot Mirror


Let's Encrypt Hits New Milestone: Over 100,000,000 Certificates Issued (letsencrypt.org)

Josh Aas, the executive director of Internet Security Research Group (ISRG) writing for Let's Encrypt: Let's Encrypt, a free, automated, and open certificate authority has reached a milestone: we've now issued more than 100,000,000 certificates. This number reflects at least a few things: First, it illustrates the strong demand for our services. We'd like to thank all of the sysadmins, web developers, and everyone else managing servers for prioritizing protecting your visitors with HTTPS. Second, it illustrates our ability to scale. I'm incredibly proud of the work our engineering teams have done to make this volume of issuance possible. I'm also very grateful to our operational partners, including IdenTrust, Akamai, and Sumo Logic. Third, it illustrates the power of automated certificate management. If getting and managing certificates from Let's Encrypt always required manual steps there is simply no way we'd be able to serve as many sites as we do. The total number of certificates we've issued is an interesting number, but it doesn't reflect much about tangible progress towards our primary goal: a 100% HTTPS Web.


  1. Value? by Frosty Piss · Score: 2, Insightful

    I'm not sure that one of these certs is any better than a self-signed cert...

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Value? by Qzukk · Score: 4, Insightful

      It's trusted by the browser by default, so it has that going for it.

      Also, unlike self-signed certs it demonstrates that the person requesting the cert has control over the hostname(s), which is pretty much all I ever had to do when I paid for a non-EV certificate.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    2. Re:Value? by Anonymous Coward · Score: 2, Insightful

      It's considerably better than a self-signed cert. Browsers don't accept self-signed certs by default, throwing up big nasty warnings. Let's Encrypt is a fully-accepted CA.

      It also costs as much as a self-signed cert. That is, nothing. Higher utility at the same price is higher value.

    3. Re:Value? by AikonMGB · Score: 4, Insightful

      This isn't about the basics of PKI it's the basics of establishing TRUST that's the heart of my question regarding LE.

      The basis of any secure system is TRUST not alphabet soups of cryptographic jargon. It's asking the basic question "WHY SHOULD I TRUST YOU?" and receiving a reasonable, verifiable response.

      Trust whom, the site owner? LE? Their CA? If you don't trust the root CA, then you are SOL. Better unplug your computer. Otherwise, there's your trust chain: root CA vets LE to a level sufficient to grant them an issuing certificate, LE vets the site owner to a level sufficient to grant them a hostname certificate.

      How does LE vet ownership to even assign certificates in the first place?

      Ownership of what, the hostname? The client requesting the certificate has to satisfy a challenge, for example placing a file with specific contents at a specific location controlled by the hostname, or populating a specific DNS record with a specific value for that hostname's zone. If the client is able to satisfy those challenges, then it already has complete control over the hostname and the content it serves.

      What makes this process secure and trustworthy? If there is no good answer to that question all the cryptography in the world means nothing.

      If you aren't willing to engage in a discussion about public keys and cryptographic signatures, there's no way to answer this question for you. The cryptography is how the process is secured, and the public key nature (combined with satisfying the challenge above) is how the CA establishes trust.
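
The two challenges described in the reply above are specified in RFC 8555 (HTTP-01 and DNS-01) on top of the RFC 7638 JWK thumbprint. The block below is an added example, not Let's Encrypt's own code and not posted by any commenter: it recomputes what the client must publish and what the CA then checks, using a constructed demo account key (only the key's JSON members are hashed, so placeholder coordinates suffice) and a constructed token. Domain names, the token and the key are all assumptions.

```python
# Added example (not Let's Encrypt's code): the arithmetic behind the ACME
# HTTP-01 and DNS-01 challenges, per RFC 8555 sections 8.1, 8.3, 8.4 and the
# RFC 7638 JWK thumbprint.
import base64
import hashlib
import json

# Constructed demo account key in EC P-256 JWK shape. The x/y strings are
# placeholders, not a real curve point; the thumbprint only hashes the JSON.
DEMO_JWK = {
    "kty": "EC",
    "crv": "P-256",
    "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
    "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
    "alg": "ES256",   # not a required member, so the thumbprint ignores it
}

# Required members per RFC 7638 section 3.2; every other member is dropped.
THUMBPRINT_MEMBERS = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as JWS and ACME require."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638: SHA-256 over the required JWK members as compact JSON, keys sorted."""
    members = THUMBPRINT_MEMBERS[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in members},
                           sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, jwk: dict) -> str:
    """RFC 8555 section 8.1: token '.' thumbprint of the ACME account key.
    The thumbprint ties the challenge to the account that requested it, so
    someone who merely observes the token cannot answer it for their own key."""
    return f"{token}.{jwk_thumbprint(jwk)}"


def http01_expected(domain: str, token: str, jwk: dict) -> tuple:
    """Where the CA fetches (plain HTTP on port 80) and the exact body it expects."""
    url = f"http://{domain}/.well-known/acme-challenge/{token}"
    return url, key_authorization(token, jwk)


def dns01_value(token: str, jwk: dict) -> str:
    """DNS-01 TXT value: base64url(SHA-256(key authorization))."""
    digest = hashlib.sha256(key_authorization(token, jwk).encode("ascii")).digest()
    return b64url(digest)


def dns01_expected(domain: str, token: str, jwk: dict) -> tuple:
    """Which TXT record the CA queries and the value it expects there."""
    return f"_acme-challenge.{domain}", dns01_value(token, jwk)


def ca_checks_http01(served_body: str, token: str, jwk: dict) -> bool:
    """CA side. RFC 8555 section 8.3 lets the server ignore trailing whitespace."""
    return served_body.rstrip() == key_authorization(token, jwk)


def ca_checks_dns01(txt_records: list, token: str, jwk: dict) -> bool:
    """CA side: any one TXT record at _acme-challenge.<domain> may match."""
    return dns01_value(token, jwk) in txt_records


if __name__ == "__main__":
    token = "evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ-PCt92wr-oA"  # constructed, RFC-shaped
    url, body = http01_expected("example.com", token, DEMO_JWK)
    print("HTTP-01: serve", body, "at", url)
    name, value = dns01_expected("example.com", token, DEMO_JWK)
    print("DNS-01: TXT", name, "=", value)
```

The point a practitioner should take from this is the account-key binding: the CA only accepts the response after the client signs a JWS with the same account key, and the published value commits to that key's thumbprint, so satisfying either challenge requires both control of the hostname (or its zone) and possession of the account's private key.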

    4. Re:Value? by Junta · Score: 5, Insightful

      The point being you connect to http, and no worries, it's all cool. It's warm and fuzzy and not at all something to fret about.

      You connect to https with self-signed cert, *IT'S THE END OF THE WORLD*, you are horribly insecure, it's dangerous, you shouldn't even *try* to talk to the server, if you really want to you should click through 2 or 3 dialogs, and also you should be forced to do that every time you reconnect to the same server, without even a hint of whether the certificate changed from last time.

      It's just such a strange disconnect. I have seen web server operators opt to prefer http rather than https so as not to scare off users, even if they may be handling potentially sensitive information.

      Self-signed certs should be treated more like ssh keys in general.

      --
      XML is like violence. If it doesn't solve the problem, use more.
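
The comment above asks for self-signed certificates to be handled like SSH host keys: remember the key on first contact, stay quiet while it is unchanged, and complain only when it changes. The block below is an added example written for this page, not code from any browser or from the commenter: a known_hosts-style trust-on-first-use store keyed by host and port, with constructed DER stand-ins as input (fetch_leaf_der() shows how a real client would obtain the bytes from a live server). The file path and host names are assumptions.

```python
# Added example (not from the page or any browser): a known_hosts-style
# trust-on-first-use store for TLS certificates.
import hashlib
import json
import os
import socket
import ssl


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 of the DER certificate, colon-separated like openssl/ssh-keygen output."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fetch_leaf_der(host: str, port: int = 443) -> bytes:
    """Fetch the server's leaf certificate without chain validation: trust is
    decided by the pin store below, not by a CA, exactly as SSH does it."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


class TofuStore:
    """Maps 'host:port' to a pinned fingerprint, persisted as JSON.
    check() returns 'new' (first sight, now pinned), 'match', or 'changed'."""

    def __init__(self, path: str):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path) as fh:
                self.pins = json.load(fh)

    def _save(self) -> None:
        with open(self.path, "w") as fh:
            json.dump(self.pins, fh, indent=1)

    def check(self, host: str, port: int, cert_der: bytes) -> str:
        key = f"{host}:{port}"
        seen = fingerprint(cert_der)
        pinned = self.pins.get(key)
        if pinned is None:
            self.pins[key] = seen      # first contact: pin silently, like ssh
            self._save()
            return "new"
        return "match" if pinned == seen else "changed"

    def repin(self, host: str, port: int, cert_der: bytes) -> None:
        """Explicit operator action after a verified rotation
        (the equivalent of ssh-keygen -R followed by a fresh connection)."""
        self.pins[f"{host}:{port}"] = fingerprint(cert_der)
        self._save()


def demo(path: str) -> list:
    """Constructed DER stand-ins; a real client passes fetch_leaf_der() output."""
    original = b"\x30\x82\x01\x00" + b"constructed-cert-intranet.example-v1"
    rotated = b"\x30\x82\x01\x00" + b"constructed-cert-intranet.example-v2"
    if os.path.exists(path):
        os.remove(path)
    store = TofuStore(path)
    results = [store.check("intranet.example", 443, original),   # 'new'
               store.check("intranet.example", 443, original),   # 'match'
               store.check("intranet.example", 443, rotated)]    # 'changed'
    store2 = TofuStore(path)                                     # pins survive restart
    results.append(store2.check("intranet.example", 443, original))  # 'match'
    return results


if __name__ == "__main__":
    print(demo("tofu_demo_pins.json"))
```

The 'changed' result is the only case that deserves a hard warning, which is the behaviour the comment contrasts with browsers warning on every visit; a 'new' result is exactly as (in)secure as an unauthenticated first SSH connection, no worse than the plain-HTTP alternative the comment describes.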
  2. Value! by Anonymous Coward · Score: 0, Insightful

    It's considerably better than a self-signed cert. Browsers don't accept self-signed certs by default, throwing up big nasty warnings. Let's Encrypt is a fully-accepted CA.

    That's the scam - the pretense of "identification." All certs do is encrypt the stream. The CA "knows" you only as well as it's able to ascertain your actual identity, which for 99.9% of certs, is near zero. That's quite aside from any breaches in security that result in the cert getting into the wild and DNS malfuckery coming into play.

    The reason that Let's Encrypt has succeeded is because it avoids the money-generating browser manufacturer / CA collusion scam, and there isn't anything better yet than Let's Encrypt's approach of constantly renewing the certificate (unless you're willing to have the browser scare away the vast majority of your visitors, which, again, is the scam.)

    If someone pops up with a quality browser that reasonably treats self-signed certificates, the entire fraudulent business model of the CAs will collapse. It's long overdue. But there are huge monetary interests involved, so don't hold your breath.

    TL;DR: Traditional CAs are scammers. Their claim of providing "identity" is no more than smoke and mirrors. Let's Encrypt provides the actual value - encryption - without the baseless-identity-for-money scam. That's why Let's Encrypt is a success.

  3. Why so many negative comments? by fabriciom · Score: 3, Insightful

    This thing is the best thing since sliced bread. I use it on all my servers, it saves me money and headaches.