{"id":73771,"date":"2015-01-06T17:48:54","date_gmt":"2015-01-06T22:48:54","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2021-07-12T16:59:03","modified_gmt":"2021-07-12T20:59:03","slug":"umich-helps-secure-the-web-with-lets-encrypt","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/umich-helps-secure-the-web-with-lets-encrypt\/","title":{"rendered":"UMich Helps Secure the Web with Let\u2019s Encrypt"},"content":{"rendered":"

\"UMich<\/a>The University of Michigan<\/a><\/strong> is teaming up with leading Internet firms to help secure the web<\/strong>. UMich<\/a>,\u00a0Cisco<\/a> (CSCO<\/a>),\u00a0Akamai<\/a> (AKAM<\/a>), Mozilla<\/a>, the Electronic Frontier Foundation<\/a><\/strong>, and public key certificate authority IdenTrust<\/a>, have launched a new free certificate authority<\/a> (CA) called Let\u2019s Encrypt<\/a>.<\/p>\n

The Let\u2019s Encrypt<\/strong> CA, which will be available in the Summer of 2015. It aims to get people to encrypt their connections to their websites<\/strong> according to a recent GigaOM<\/a> <\/em>article<\/a>. Let’s Encrypt goal is to make it easier to get a proper Secure Sockets Layer\/Transfer Layer Security (SSL\/TLS) certificate. That way the certs can be deployed to secure a Web server and its users.<\/p>\n

Let\u2019s Encrypt will help secure the Internet<\/h3>\n

\"Let\u2019s<\/a>According to the article Let\u2019s Encrypt, comes as the tech industry scrambles to encrypt the web<\/a>. This is more important after the mass surveillance revelations of NSA<\/a><\/strong> leaker Edward Snowden<\/a>. The CA will aid other efforts to secure the Internet.<\/p>\n

Let’s Encrypt is developing the Automated Certificate Management Environment or ACME<\/a>\u00a0protocol. The ACME\u00a0protocol. will sit between Web servers and the CA. It includes support for new, stronger forms of domain validation.<\/p>\n

\"University<\/a>Let’s Encrypt will serve as its own root CA<\/a><\/strong>. The nonprofit CA\u00a0public benefit corporation, Internet Security Research Group (ISRG) will run the root CA. Josh Aas, the executive director of ISRG, explained securing the web is just not a simple thing to use Transport Layer Security<\/a><\/strong> (TLS), the successor to Secure Socket Layer<\/a> (SSL). He explains that getting, paying for, and installing a certificate is too hard for many network administrators.<\/p>\n

The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you\u2019re actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It\u2019s tricky to install correctly. It\u2019s a pain to update.<\/em><\/p>\n

\"Electronic<\/a>According to the statement, Let\u2019s Encrypt\u2019s certificates will be free. It will have an automated issuance and renewal protocol \u2013 an open standard. A step to reduce the need for input from the domain holder\u2019s side. According to an EFF<\/strong> blog post<\/a>, \u201cswitching a webserver from HTTP to HTTPS<\/strong> with this CA will be as easy as issuing one command, or clicking one button.\u201d<\/p>\n

Records of certificate issuance and revocation will be publicly available. The organizations behind Let\u2019s Encrypt are stressing that the system won\u2019t be under any one organization\u2019s control.<\/p>\n