For Immediate Release
New, Free Certificate Authority to Dramatically Increase Encrypted Internet Traffic
Non-Profit to Offer One-Click Process to Implement Secure Web Browsing
SAN FRANCISCO, CA - The Electronic Frontier Foundation (EFF) is helping to launch a new non-profit organization that aims to dramatically increase secure Internet browsing. Let's Encrypt is scheduled to offer free server certificates beginning in summer 2015.
"This project should boost everyday data protection for almost everyone who uses the Internet," said EFF Technology Projects Director Peter Eckersley. "Right now when you use the Web, many of your communications—your user names, passwords, and browsing histories—are vulnerable to hackers and others. By making it easy, fast, and free for websites to install encryption for their users, we will all be safer online."
Currently, most Internet traffic is unencrypted, meaning most interactions you have with websites leave your accounts vulnerable to eavesdropping by everyone from a minimally competent hacker to the U.S. government. The HTTPS protocol—in contrast to HTTP—encrypts your connection and verifies the authenticity of sites, protecting your data and personal information. EFF has been campaigning successfully for a number of years to spread HTTPS from payment pages and banking sites to email, social networking, and other types of sites. But there are still hundreds of millions of domains that lack this protection.
The new Let's Encrypt project aims to solve that. Let's Encrypt is a new free certificate authority, which will begin issuing server certificates in 2015. Server certificates are the anchor for any website that wants to offer HTTPS and encrypted traffic, proving that the server you are talking to is the server you intended to talk to. But these certificates have historically been expensive, as well as tricky to install and bothersome to update. The Let's Encrypt authority will offer server certificates at zero cost, supported by sophisticated new security protocols. The certificates will have automatic enrollment and renewal, and there will be publicly available records of all certificate issuance and revocation.
Let's Encrypt will be overseen by the Internet Security Research Group (ISRG), a California public benefit corporation. ISRG will work with Mozilla, Cisco Systems Inc., Akamai, EFF, and others to build the much-needed infrastructure for the project and the 2015 launch.
"The Let's Encrypt certificate authority will dramatically increase the ability of websites around the world to implement HTTPS, increasing the security of hundreds of millions of Internet users every day," said Eckersley.
For Let's Encrypt:
For more on Let's Encrypt and how it will work:
This is the world we live in. This is the world we cover.
Because of people like you, another world is possible. There are many battles to be won, but we will battle them together—all of us. Common Dreams is not your normal news site. We don't survive on clicks. We don't want advertising dollars. We want the world to be a better place. But we can't do it alone. It doesn't work that way. We need you. If you can help today—because every gift of every size matters—please do. Without Your Support We Simply Don't Exist.
EFF is the leading civil liberties group defending your rights in the digital world. EFF fights for freedom primarily in the courts, bringing and defending lawsuits even when that means taking on the US government or large corporations.