electronic frontier freedom; encrypt everything 1994 idea

It may happen. A great idea as I figured out 20 years ago. Also all computers should be encrypted, always. Forget your password and nobody can unscramble anything on your computer. Eliminates a lot of hackers and thieves. Encrypt is cheap and easy. One penny of electricity per month.

EFF the oldest most important organization promoting online freedom. Lots of details underlying the internet which is becoming increasingly dysfunctional and not worth the trouble. I read paper newspapers and listen to broadcast radio in the car. I may even get a TV one of these days. Mostly books and professional articles is more than anybody can keep up with.


Launching in 2015: A Certificate Authority to Encrypt the Entire Web

Let’s Encrypt logo

Today EFF is pleased to announceLet’s Encrypt , a new certificate authority (CA) initiative that we have put together with Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University of Michigan that aims to clear the remaining roadblocks totransition the Web from HTTP to HTTPS .

Although the HTTP protocol has been hugely successful, it is inherently insecure. Whenever you use an HTTP website, you are always vulnerable to problems, includingaccount hijacking and identity theft ; surveillance and tracking bygovernments ,companies , andboth in concert ; injection of malicious scripts into pages; and censorship that targetsspecific keywords orspecific pages on sites. The HTTPS protocol, though it is not yet flawless, is a vast improvement on all of these fronts, and we need to move to a future where every website is HTTPS by default.With a launch scheduled for summer 2015, the Let’s Encrypt CA will automatically issue and manage free certificates for any website that needs them. Switching a webserver from HTTP to HTTPS with this CA will be as easy as issuing one command, or clicking one button.

The biggest obstacle to HTTPS deployment has been the complexity, bureaucracy, and cost of the certificates that HTTPS requires. We’re all familiar with the warnings and error messages produced by misconfigured certificates. These warnings are a hint that HTTPS (and other uses ofTLS/SSL ) is dependent on a horrifyingly complex and often structurally dysfunctional bureaucracy for authentication.

example certificate warningLet’s Encrypt will eliminate most kinds of erroneous certificate warnings

The need to obtain, install, and manage certificates from that bureaucracy is the largest reason that sites keep using HTTP instead of HTTPS. In our tests, it typically takes a web developer 1-3 hours to enable encryption for the first time. The Let’s Encrypt project is aiming to fix that by reducing setup time to 20-30 seconds. You can help test and hack on thedeveloper preview of our Let’s Encrypt agent software or watch a video of it in action here:

Let’s Encrypt will employ a number of new technologies to manage secure automated verification of domains and issuance of certificates. We will use a protocol we’re developing calledACME between web servers and the CA, which includes support for new and stronger forms of domain validation. We will also employ Internet-wide datasets of certificates, such as EFF’s ownDecentralized SSL Observatory , the University of Michigan’sscans.io , and Google’sCertificate Transparency logs, to make higher-security decisions about when a certificate is safe to issue.

The Let’s Encrypt CA will be operated by a new non-profit organization called the Internet Security Research Group (ISRG). EFF helped to put together this initiative with Mozilla and the University of Michigan, and it has been joined for launch by partners including Cisco, Akamai, and Identrust.

/The core team working on the Let’s Encrypt CA and agent software includesJames Kasten ,Seth Schoen , andPeter Eckersley at EFF;Josh Aas ,Richard Barnes , Kevin Dick andEric Rescorla at Mozilla;Alex Halderman and James Kasten and the University of Michigan./


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s