Let’s Encrypt Project Issues More than One Million Certificates Since December Launch

Add Your Comments

Use of free encryption project Let’s Encrypt is growing, and it has now issued over one million certificates. Let’s Encrypt is celebrating its milestone by moving its client to the Electronic Frontier Foundation (EFF), and transitioning the client to a new, soon to be announced name, according to a blog post.

Let’s Encrypt was launched to public beta as a free, automated, and open certificate authority by the Internet Security Research Group (ISRG) in December. While it experienced its first security hiccup as a CA in January. It reached half a million certificates issued in early February. Last week it passed a million certificates, protecting 2.4 million domains.

In its pursuit of making HTTPS easy for website operators of any skill level to employ, Let’s Encrypt automates both on the CA side and on the client side, which has meant creating “dozens” of clients. Splitting up the two sides by moving the client to the EFF allows Let’s Encrypt “to focus on promoting a generally healthy client and protocol ecosystem,” and to put its engineering resources into the server infrastructure necessary for a rapidly growing CA, ISRG Executive Director Josh Aas said.

Read more: DreamHost Offers Integrated Support for Let’s Encrypt Project

“The Let’s Encrypt client goes further than most other clients in terms of end-to-end automation and extensibility, both getting certificates and in many cases installing them,” Aas said in a blog post explaining the changes. “This is an important strategy since major servers don’t yet have built-in support, and we want to make sure it’s given a proper chance to thrive. The EFF has led development of the Let’s Encrypt client from the beginning, and they are well-qualified to continue pursuing this strategy.”

Let’s Encrypt wants its client to be used with other ACME-enabled CAs, and to be distributable and customizable without running into trademarks, so changing its name is meant in part to help make that clear.

Chrome and Firefox have both recently announced they are moving towards default marking HTTP as insecure, providing extra incentive to website operators to encrypt connections.

Add Your Comments

  • (will not be published)