Bruce Schneier reports on a Very Good Thing. It’s a free CA which is a joint project involving EFF, Mozilla, Cisco, Akamai and the University of Michigan.
I think it’s bloody brilliant news. The service’s name says it all: Let’s Encrypt. Yes, let’s.
The challenge is server certificates. The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you’re actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update.
Let’s Encrypt wants to change that.
EFF write about it here.