With Let's Encrypt, any webmaster interested in implementing HTTPS for their services can get the certificates for free, which is a great move for encouraging people to encrypt their users' connections to their websites.
Let's Encrypt is a combined effort of digital-era rights advocate Electronic Frontier Foundation (EFF), Mozilla Foundation, Cisco Systems, Internet content distributor Akamai Technologies, certificate provider IdenTrust and researchers from the University of Michigan.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
Generally, the process of implementation of an SSL certificate, including the need to obtain and install a certificate, is complicated for most web developers as it sounds.
In most cases, the cost related issues force web administrators to give up on using encrypted connections.
However, the goal of the Let's Encrypt project is to simplify this certificate implementation process, meanwhile reducing the cost for operators by not needing them to pay for security.
"We will issue the first end entity certificates under our root under tightly controlled circumstances," the official announcement says. "No cross-signature will be in place yet, so the certificates will not validate unless our root is installed in client software."
The Let's Encrypt authority will soon provide browser-trusted certificates through a publicly documented API (Application Program Interface) that any webmaster or website owner can implement.
Informal tests conducted by the researchers showed that it often takes 1-3 hours for a webmaster to install a certificate.
Lets Encrypt is funded by the Internet Security Research Group (ISRG), a new California-based public-benefit corporation. The project is going to enter its soft-launch stage next month and will be available for the general public in September this year.
So, very soon a certificate can be obtained for free-of-cost. However, an extended validation (EV) SSL certificates can cost you up to $1,000 (approx. £640).