On 18/11/14 19:13, Patrick McManus wrote: > You can read more about the project at https://letsencrypt.org/ > > You can see (and participate in) the work in progress protocols (called > ACME) around certificate management here: > https://github.com/letsencrypt/acme-spec
So the plan for questions/comments is just via github or is there a mailing list? Ta, S. > > On Tue, Nov 18, 2014 at 12:54 PM, Stephen Farrell <[email protected] >> wrote: > > > Nice! > > Sounds extremely promising. > > S. > > On 18/11/14 17:50, Joseph Lorenzo Hall wrote: >>>> >>>> So cool I'll just shut my mouth and let the launch text speak for >>>> itself... (links in the original) >>>> >>>> ---- >>>> >>>> > https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web >>>> >>>> # Launching in 2015: A Certificate Authority to Encrypt the Entire >>>> Web >>>> >>>> Today EFF is pleased to announce Let?s Encrypt, a new certificate >>>> authority (CA) initiative that we have put together with Mozilla, >>>> Cisco, Akamai, Identrust, and researchers at the University of >>>> Michigan that aims to clear the remaining roadblocks to transition >>>> the Web from HTTP to HTTPS. >>>> >>>> Although the HTTP protocol has been hugely successful, it is >>>> inherently insecure. Whenever you use an HTTP website, you are >>>> always vulnerable to problems, including account hijacking and >>>> identity theft; surveillance and tracking by governments, >>>> companies, and both in concert; injection of malicious scripts into >>>> pages; and censorship that targets specific keywords or specific >>>> pages on sites. The HTTPS protocol, though it is not yet flawless, >>>> is a vast improvement on all of these fronts, and we need to move >>>> to a future where every website is HTTPS by default.With a launch >>>> scheduled for summer 2015, the Let?s Encrypt CA will automatically >>>> issue and manage free certificates for any website that needs them. >>>> Switching a webserver from HTTP to HTTPS with this CA will be as >>>> easy as issuing one command, or clicking one button. >>>> >>>> The biggest obstacle to HTTPS deployment has been the complexity, >>>> bureaucracy, and cost of the certificates that HTTPS requires. >>>> We?re all familiar with the warnings and error messages produced >>>> by misconfigured certificates. These warnings are a hint that HTTPS >>>> (and other uses of TLS/SSL) is dependent on a horrifyingly complex >>>> and often structurally dysfunctional bureaucracy for >>>> authentication. >>>> >>>> The need to obtain, install, and manage certificates from that >>>> bureaucracy is the largest reason that sites keep using HTTP >>>> instead of HTTPS. In our tests, it typically takes a web developer >>>> 1-3 hours to enable encryption for the first time. The Let?s >>>> Encrypt project is aiming to fix that by reducing setup time to >>>> 20-30 seconds. You can help test and hack on the developer preview >>>> of our Let's Encrypt agent software or watch a video of it in >>>> action here: >>>> >>>> Let?s Encrypt will employ a number of new technologies to manage >>>> secure automated verification of domains and issuance of >>>> certificates. We will use a protocol we?re developing called ACME >>>> between web servers and the CA, which includes support for new and >>>> stronger forms of domain validation. We will also employ >>>> Internet-wide datasets of certificates, such as EFF?s own >>>> Decentralized SSL Observatory, the University of Michigan?s >>>> scans.io, and Google's Certificate Transparency logs, to make >>>> higher-security decisions about when a certificate is safe to >>>> issue. >>>> >>>> The Let?s Encrypt CA will be operated by a new non-profit >>>> organization called the Internet Security Research Group (ISRG). >>>> EFF helped to put together this initiative with Mozilla and the >>>> University of Michigan, and it has been joined for launch by >>>> partners including Cisco, Akamai, and Identrust. >>>> >>>> The core team working on the Let's Encrypt CA and agent software >>>> includes James Kasten, Seth Schoen, and Peter Eckersley at EFF; >>>> Josh Aas, Richard Barnes, Kevin Dick and Eric Rescorla at Mozilla; >>>> Alex Halderman and James Kasten and the University of Michigan. >>>> >>>> >>>> _______________________________________________ perpass mailing >>>> list [email protected] >>>> https://www.ietf.org/mailman/listinfo/perpass >>>> >>>> >> >> _______________________________________________ >> perpass mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/perpass >> >> > _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
