Let's Encrypt: Many people in 2020 have their own blog. Some have traffic, and others just exist more to meet the owner's expression needs. However, not all blogs today and websites in general have one thing in common.
It is called Let's Encrypt and deals with the security of the transfer and transmission of information.
Below we will see how the idea of the Let's Encrypt service started and how it managed to reach one billion certificates a few years after its launch.
Let's start from the beginning:
Let's Encrypt is a Certificate Authority (CA), which allows you to create free SSL certificates for your domain (your website).
It is an open certification body run by the Internet Security Research Group (ISRG) and funded by Mozilla and Automattic. It aims to equip legitimate websites of all sizes and functions with SSL / TLS certificates, which help browsers accept and serve encrypted data to ensure that users' activities and transactions are intercepted.
Their first certificate was issued in September 2015 and has been immediately signed by the SSL certificate provider IdenTrust.
Let's Encrypt started issuing certificates in November 2015. The move helped many websites adopt HTTPS encryption and rank higher in Google search results.
The soul of Let's Encrypt is Josh Aas, who at some point a few years ago had a vision. Google at the time, had announce the change of its algorithm. The new algorithm would reward sites that used the Stronger Security Protocol (HTTPS).
No problem, Josh Aas thought. The path to the goal of a secure internet required the standardization of a new HTTP specification (HTTP / 2) contained in Transport Layer Security (TLS). But there was another problem: To make this happen, Aas had to issue billions of free digital certificates to websites in order to enable HTTPS (SSL / TLS).
So Josh Aas quit his job at Mozilla in 2012 and started Let's Encrypt. Today, about 85% of all websites use HTTPS and more than one billion certificates have been issued.
All this eight years after the first idea. The new job that Josh has taken on seems to be finding a way for companies to trust Let's Encrypt certificates. His company operates with maximum transparency, and even has the source code of the service open to all (GitHub).
Let's Encrypt works closely with the community. According to Aas, The community helps management of forums, develops the code of the Let's Encrypt website (also open source), and develops the client software for the use of Let's Encrypt by all.
Eventually it seemed like everyone wanted to secure their pages, but they needed an easy and free way to do it. LE, offers easy and free encryption for everyone, while supporting standard and well-documented APIs that make life very easy for all administrators.
Of course, Aas in 2015 did not expect such a development. The fact that 85% of the World Wide Web is now secure is a major victory for privacy and security.