Time: 
2015-04-26 15:00-2015-04-26 16:00
Room: 
CC-115

Experience level

Learner

Session Track

Privacy & Security

Let's Encrypt: A Free Robotic Certificate Authority

We want web sites and other Internet services to use encryption.  It's essential for privacy and security on an Internet that we're discovering is increasingly untrustworthy.

Even as we've called for widespread use of HTTPS, the cost and complexity of the certificate system has been an obstacle.  In summer 2015, a certificate authority, trusted by mainstream web browsers, will issue certificates for web servers automatically at no charge in under a minute.  This CA will automatically perform Domain Validation (DV) to verify applicants' control over domain names.  The associated software can optionally reconfigure their web servers and deploy the new certificates immediately.

We'll take a look at how the Let's Encrypt CA works, our ACME protocol for requesting and issuing certs, and the client software that can automate the process.  And we'll demonstrate what the experience of getting a cert from the new CA may look like for webmasters (don't look away, or you might miss it!).  We'll also talk about who's behind Let's Encrypt and some of the measures we're considering for preventing misissuance of certs.  Of course, you're invited to test and help perfect the process.