HTTPS for All: Let’s Encrypt Reaches One Billion Certificates Issued [Updated]
[Update 2020-03-02 08:34:00 UTC. Full disclosure: SoylentNews uses Let's Encrypt certificates.--martyb]
upstart writes in with an IRC submission for AnonymousCoward:
HTTPS for all: Let's Encrypt reaches one billion certificates issued:
Let's Encrypt, the Internet Security Research Group's free certificate signing authority, issued its first certificate a little over four years ago. Today, it issued its billionth.
The ISRG's goal for Let's Encrypt is to bring the Web up to a 100% encryption rate. When Let's Encrypt launched in 2015, the idea was pretty outri(C)-at that time, a bit more than a third of all Web traffic was encrypted, with the rest being plain text HTTP. There were significant barriers to HTTPS adoption-for one thing, it cost money. But more importantly, it cost a significant amount of time and human effort, both of which are in limited supply.
Let's Encrypt solved the money barrier by offering its services free of charge. More importantly, by establishing a stable protocol to access them, it enabled the Electronic Frontier Foundation to build and provide Certbot, an open source, free-to-use tool that automates the process of obtaining certificates, installing them, configuring webservers to use them, and automatically renewing them.
When Let's Encrypt launched in 2015, domain-validated certificates could be had for as little as $9/year-but the time and effort required to maintain them was a different story. A certificate needed to be purchased, information needed to be filled out in several forms, then one might wait for hours before even cheap domain-validated certificates would be issued.
Once the certificate was issued, it (and its key, and any chain certificates necessary) needed to be downloaded, then moved to the server, then placed in the right directory, and finally the Web server could be reconfigured for SSL.
Every one to three years, you'd need to do the whole thing over again-perhaps only replacing the certificate and key, perhaps also replacing or adding new intermediate chain certificates.
Read more of this story at SoylentNews.