• Welcome to Autism Forums, a friendly forum to discuss Aspergers Syndrome, Autism, High Functioning Autism and related conditions.

    Your voice is missing! You will need to register to get access to the following site features:
    • Reply to discussions and create your own threads.
    • Our modern chat room. No add-ons or extensions required, just login and start chatting!
    • Private Member only forums for more serious discussions that you may wish to not have guests or search engines access to.
    • Your very own blog. Write about anything you like on your own individual blog.

    We hope to see you as a part of our community soon! Please also check us out @ https://www.twitter.com/aspiescentral

Potential alternative for web encryption - Please review

It's not so much a new replacement as it's just offering more choices. The important factor of Let's Encrypt, is that it makes it easy for website owners to enable HTTPS on their websites, without having to go through the process of obtaining a certificate from a commercial CA, and that potentially helps to improve both security and privacy online.

It's an issue of trust. Which entities are more trustworthy? Can any be trusted? It has become exceedingly difficult to trust major corporations and other entities and retain any kind of confidence in how they handle their policies and practices. It gives people more options and that's great. Additionally, it helps to comply with other standards such as HTTPS Everywhere, which is also helpful.
 
Commercial CAs are ok. Not necessarily better than a free one, but ok.

BTW - HTTPS has been around a very long time by IT standards. It's been universally available on commercial platforms for decades.
All the certs have to follow the same standard so they can interoperate. There cannot be anything special about "Let's Encrypt's" certs. It's nice that they're free of course, but there's no way they're more secure than anyone else's.
 
Let's Encrypt is a good service. However, IT people are generally reluctant to change something that is working without a very compelling reason. I personally completely removed my reliance on google products after they cancelled one too many things I used. Whether avoiding google to switch to another product, free or not, is worth it is a calculation that has to be made.
 
My customers always have a relationship with a CA or a middleman. I've never used Google.
Basic certs are quite cheap though - the ones I use (minimal metadata in the cert) cost about USD 20 per year.

Now and then I work with customers that have their own CAs, a surprisingly high proportion of those haven't understood what they were doing /lol.

If anyone is interested, I can paste in the text version of a signer certificate.
 
RESleight said:
It's an issue of trust. Which entities are more trustworthy? Can any be trusted? It has become exceedingly difficult to trust major corporations and other entities and retain any kind of confidence in how they handle their policies and practices. It gives people more options and that's great. Additionally, it helps to comply with other standards such as HTTPS Everywhere, which is also helpful.
Click to expand...
And Let's Encrypt is funded by...


Google
Amazon
Facebook
...

www.abetterinternet.org

Sponsors and Donors

Sponsors and Donors Those who make our work possible. Become a sponsor or donor Let's change the world. Or at least the Internet. A handful of organizations and a few thousand people provide 100% of our funding. Take a closer look at why they’re committed to helping ISRG build a better Internet...
www.abetterinternet.org www.abetterinternet.org
 
You must log in or register to reply here.

New Threads

Top Bottom