A new project aims to provide free digital certificates for Transport Layer Security/Secure Sockets Layer (TLS/SSL) encryption from next year, hoping to replace the plain-text hyper text transport protocol (HTTP) for web browsing completely with its encoded HTTPS variant.
Called Let's Encrypt, the project is run by digital rights lobby group the Electronic Frontier Foundation (EFF).
The EFF plans to launch a certificate authority (CA) in the winter of 2015. The CA will issue free digital certificates to any website requiring them, and switching from HTTP to encrypted HTTPS will be "as easy as issuing one command, or clicking one button," the EFF claims.
SSL certificates today cost anywhere from tens of dollars to several hundreds, and can be complex to install and manage.
To make certificate deployment and management easier, Let's Encrypt will use the Automated Certificate Management Environment (ACME).
The ACME protocol uses JavaScript Object Notation (JSON) over HTTPS to automate management of domain validation certificates.
Open source browser provider Mozilla, network equipment vendor Cisco, content delivery network Akamai, B2B security specialist IdenTrust and university of Michigan resarchers will join forces with the EFF for the project.
EFF technology projects director Peter Eckersley said Let's Encrypt seeks to replace the 'inherently insecure' HTTP that transmits data in the clear with the encrypted HTTPS protocol.
Eckersly said the CA will be operated by the not-for-profit Internet Security Research Group.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
