ACME, a brief history of one of the protocols which has changed the Internet
7 days ago
- #ACME Protocol
- #Let's Encrypt
- #Internet Security
- The ACME protocol, developed by Let's Encrypt, revolutionized Internet security by automating the issuance of TLS certificates.
- Let's Encrypt was founded in 2015 by a coalition including Mozilla, EFF, Akamai, Cisco, and the University of Michigan to provide free, automated certificates.
- ACME (Automated Certificate Management Environment) enables domain control validation via challenges (HTTP, DNS, TLS) without human intervention.
- Standardized as RFC 8555 in 2019, ACME is now widely adopted by both free and commercial certificate authorities.
- Key innovations include External Account Binding (EAB) for commercial CAs and ARI (ACME Renewal Information) for proactive certificate renewal.
- Let's Encrypt's impact is significant: HTTPS usage rose from ~39% (2015) to over 83% globally, with 700M+ active certificates issued.
- Future developments include profile selection standardization and a 'pubkey' identifier type to enhance key possession proofs.
- ACME's flexibility extends beyond TLS, with drafts exploring device attestation certificates, showcasing its potential as a universal challenge framework.