Reply to post: Re: Why?

Let's Encrypt gets automation

A Known Coward

Re: Why?

You're confusing the purpose of Let's Encrypt. The project has nothing to do with increasing trust in certificate authorities.

Which doesn't mean you cannot trust Let's Encrypt, only that if you're looking for a solution to the trust problem then you need to re-invent the whole certificate system. LE is about giving everyone access to certificates free of charge, with no strings, no 'revocation fees' and no limits to the number of certificates you can deploy. It's about removing the barriers to deployment even on the lowliest website and thus bringing about the long overdue age of complete encryption to the internet.

Aside from issuing certificates, the project also comes with a suite of tools which will properly configure your server to use the best possible TLS configuration, which alone makes it extremely valuable. Many servers still offer outdated or incomplete configs which are no longer secure, LE is offering a one-click solution that handles the whole process for you.

There are plenty of other projects and solutions attempting to solve the 'trust' issue, including Public Key Pinning - although you still have to trust the browser and intermediate proxies, and let's face it, if you cannot trust those then no amount of encryption is meaningful.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon