Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/14/2016
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lets Encrypt Leaves Beta

New and renewing sponsors back Let's Encrypt technology and its mission to encrypt 100 percent of the Web

SAN FRANCISCO, April 12, 2016 — Let’s Encrypt, a free, automated and open Certificate Authority, today announced four new sponsors, several sponsorship renewals and that the technology is leaving beta. Launched in September 2015, Let’s Encrypt, which has issued over 1.5 million certificates for approximately 3 million websites, is pushing the web much closer to 100 percent encryption to ensure private personal and business information cannot be intercepted, manipulated or stolen by attackers.

In addition, Gemalto is joining as a new Gold sponsor, and HP Enterprise, Fastly, and Duda are joining as Silver sponsors. Current members Akamai and Cisco, which have supported Let’s Encrypt from the beginning, are renewing as Platinum sponsorship for the project. This renewal is a three-year commitment from both companies.  

A recent transparency report from Google found that many top web sites still do not use HTTPS, which makes for a very vulnerable web. Even though HTTPS is a basic security measure for web traffic, encryption has historically been out of reach to many businesses and individuals due to cost and complexity. Let's Encrypt eliminates these two barriers by offering individuals and companies the ability to install free certificates in seconds.

“We were delighted that we’ve been able to grow so quickly during our first four months of general availability. We now have the experience and confidence to take the project out of beta,” said Josh Aas, Internet Security Research Group executive director. “We will continue to work on making the web a safer place through free encryption. An increasingly broad set of industry stakeholders recognize how important it is to secure the Web through Let’s Encrypt. However, we still have a long way to go to deliver on our goal to encrypt 100 percent of all Web sites.”

Let’s Encrypt certificates are issued and managed via an entirely automated system in order to make the experience as simple and scalable as possible. Ease of use and scalability are essential if the entire web is to be encrypted. Let’s Encrypt certificates are trusted by all major browsers due to cross-signatures from IdenTrust.

More information about Let’s Encrypt’s progress can be found in this blog post.

The Let’s Encrypt project has gained tremendous operational experience and has worked closely with leading web service and hosting providers to ease the certification process. It has become extremely popular across the board, from small companies who found it cost prohibitive to update their sites to HTTPS to major hosting providers and content management solution providers that are focused on giving their users the most up-to-date security.

 

Additional Materials

·  Become A Sponsor

·  Getting Started

·  Get Involved

·  Job Openings

 


About Let’s Encrypt  

Let's Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG). As the non-profit entity behind Let’s Encrypt, ISRG is a project at The Linux Foundation.

 

Backed by industry leaders and open to all, Let’s Encrypt’s mission is to encrypt the Web. Major sponsors include Akamai, Cisco, Electronic Frontier Foundation, Facebook, Google Chrome, Internet Society (ISOC), OVH.com and many others. A growing community provides subscriber support and software development. 

 

To get involved go here: https://letsencrypt.org/getinvolved/. To become a corporate sponsor contact [email protected].

 

Linux Foundation projects harness the power of collaborative development to fuel innovation across industries and ecosystems. www.linuxfoundation.org.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20466
PUBLISHED: 2021-06-21
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user.
CVE-2020-20467
PUBLISHED: 2021-06-21
White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php, remote attackers can exploit the vulnerability to create a task.
CVE-2020-20468
PUBLISHED: 2021-06-21
White Shark System (WSS) 1.3.2 is vulnerable to CSRF. Attackers can use the user_edit_password.php file to modify the user password.
CVE-2021-24368
PUBLISHED: 2021-06-20
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This c...
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.