Linux Foundation to support free web encryption project
ISRG's Let's Encrypt project aims to create open source encryption solution for websites
The Linux Foundation has announced that it will collaborate with the Internet Security Research Group (ISRG) on an open source encryption project, to create a free and simple way to secure web communications.
The non-profit Linux Foundation will host the Let's Encrypt project on behalf of ISRG, and also provide general and administrative support services, as well as services related to fundraising, financial management, contract and vendor management, and human resources.
Let's Encrypt is intended to create an open source alternative to Secure Socket Layer (SSL) certification, allowing web developers to use the HTTPS without payment or a long application process, something that has been an issue with SSL.
The Let's Encrypt code will allow developers to automatically prove to the Let's Encrypt certification authority that they control the website; obtain a browser-trusted certificate and set it up on their web server; keep track of when the certificate is going to expire, and automatically renew it; and help them to revoke the certificate if that ever becomes necessary.
A post on the project's blog explained: "Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting a certificate can be. Let's Encrypt automates away all this pain and lets site operators turn on HTTPS with a single click or shell command.
"When Let's Encrypt launches in mid-2015, enabling HTTPS for your site will be as easy as installing a small piece of certificate management software on the server.
"No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let's Encrypt provides certificates for free, no need to arrange payment."
The project is sponsored by Akamai, Cisco, Electronic Frontier Foundation, Mozilla, IdenTrust and Automattic.
ISRG and Let's Encrypt will be hosted as a Linux Foundation Collaborative Project, which are independently funded software projects designed to tap into the power of collaborative development. The Linux Foundation also hosts the Core Infrastructure Initiative, which was set up in the wake of the Heartbleed flaw last year, in order to improve the security of open source solutions.