Mozilla, EFF and others are working together to make every internet connection a secure connection to prevent others from spying on your surfing habits. However the difficulties are price and the expertise required to install these certificates.
It doesn’t have to be like that, though. Starting soon, Mozilla, Cisco, Akamai, the Electronic Frontier Foundation, IdenTrust and researchers at the University of Michigan are working through the Internet Security Research Group to create a new certificate authority to offer these digital certificates for free to anybody who owns a web domain. The “Let’s Encrypt” group will launch this service next summer.
Currently, the EFF writes today, “HTTPS (and other uses ofTLS/SSL) is dependent on a horrifyingly complex and often structurally dysfunctional bureaucracy for authentication.”
The Let’s Encrypt project aims to make getting certificates not just free, but also as easy as possible. It will take two simple shell commands to enable HTTPS for any given site that wants to use it. All of the certificates that are issues or revoked will be public and the team aims to make its protocols an open standard that other certificate authorities can adopt.
Developers who want to test the service can head over to GitHub to take a look at the code, but this is definitely not meant for production servers yet and if you decide to ignore that warning, chances are your users will see lots of warnings about your certificate that will keep them from ever seeing your site.
