Let’s Encrypt: Security Everywhere
Let’s Encrypt is a new Certificate Authority (CA) who are making waves in the web community. They have lowered the access barrier for SSL certificates significantly and are pushing their competition to improve; fast.
“A Certificate Authority is an entity that validates other digital certificates… …Creating a Chain of Trust between a website and the browser.”
Read more about Certificate Authorities or how to trust over the Internet.
Why Lets Encrypt is revolutionary:
- Let’s Encrypt removes the pay wall for SSL certificate’s making them free for everyone.
- Its quick. Seemingly instant certificate authentication and provisioning.
- Open client options for many different programming languages and environments.
- Certbot (the official client, developed by the Electronic Frontier Foundation (EFF)) is incredibly simple to set up and run HTTPS in seconds. See for yourself.
- Automated SSL regeneration. A new certificate just when the old one expires.
- Raising the standards for CA security checks. Let’s Encrypt have implemented new security checks which ensure that you are the domains owner and that it’s secure to issue you the certificate. Read more.
- Short validation periods. Let’s Encrypt certificates are only valid for three months which in comparison to other CA signed certificates is shorter. You may be thinking this is bad, long validation periods means less work to maintain. But should the next Heartbleed vulnerability come along and your certificate is leaked to the public, the perpetrator only has less than three months to use it then it will no longer be valid.
- Supported, as of last year Let’s Encrypt are trusted in most browsers. Test it for yourself. Read more.
It’s free, easy and simple to do so there is no reason not to get started straight away.
Quick (nearly instant) certificate provisioning is our favourite benefit. We often have new customers come to us that have been caught out by expiring SSL certificates not leaving enough time for the renewal to take place, which with Extended Validation certificates can be weeks! Let’s Encrypt is our first port of call to mitigate the missing certificate. Giving us a temporary solution while their other certificate is renewed.
At Dogsbody Technology we love SSL and have already started implementing Let’s Encrypt when we can. If you want to see the benefit of SSL drop us a line.
Feature image made by Got Credit licensed CC BY 2.0.
Trackbacks & Pingbacks
[…] There are many types of SSL certificate from various Certificate Authorities. For basic domain validated certificates we are a big fan of Lets Encrypt. […]
Leave a ReplyWant to join the discussion?
Feel free to contribute!