[Cryptography] letsencrypt.org

Salz, Rich rsalz at akamai.com
Thu Sep 14 14:57:52 EDT 2017


The protocol that LetsEncrypt uses, ACME, has been in-progress at the IETF for awhile and is just now entering its final IETF review.  Interested parties are encouraged to join the acme mailing list.  We expect to see some commercial CA’s support the protocol soon.

One very exciting aspect of ACME is that work is being done to use it to enable crypto-secure identities on smartphones, this is being done in the ACME and STIR (secure telephone identity) working groups.

The infrastructure that LE built is good.  They don’t talk about details in public, but FWIW I  trust it.

One downside of LE is that they are now a single point of failure for many HTTPS websites.  Who wants to provision the next one, to help keep us more secure and private?

Disclaimers:  I’m co-chair of the ACME working group and my employer is proudly one of the initial product sponsors.  It’s the only source of DV certificates we use.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170914/2c6e63a8/attachment.html>


More information about the cryptography mailing list