How Let's Encrypt made the internet safer and HTTPS standard – and free
10 months ago
- #Web Development
- #HTTPS
- #Cybersecurity
- Let's Encrypt was created to address the high cost and complexity of obtaining SSL/TLS certificates, making HTTPS standard and free.
- Before Let's Encrypt, only 6.71% of the top million websites used HTTPS, highlighting the need for widespread encryption.
- Let's Encrypt introduced the Automated Certificate Management Environment (ACME) protocol, automating certificate issuance, renewal, and revocation.
- The Internet Security Research Group (ISRG), a nonprofit, was established to oversee Let's Encrypt, prioritizing transparency and public service.
- Let's Encrypt's free, automated 90-day domain-validated certificates democratized web encryption, leading to HTTPS adoption soaring from below 7% to 88.1%.
- Google's policy changes, like ranking HTTPS sites higher and marking non-HTTPS sites as insecure, further accelerated HTTPS adoption.
- Let's Encrypt's success has inspired ISRG to expand efforts into memory safety in internet infrastructure, such as supporting Rust in the Linux kernel.