Supporting Let’s Encrypt, the nonprofit making HTTPS free for all

Supporting Let’s Encrypt, the nonprofit making HTTPS free for all

Today, we’re thrilled to be partnering with Let’s Encrypt, the world’s largest certificate authority. Part of the nonprofit Internet Security Research Group (ISRG), the team supports website owners by removing the cost and complexity normally associated with enabling HTTPS encryption. That, in turn, helps the web become a more secure and privacy-respecting place for everyone.

We want Let’s Encrypt to continue this important work. That’s why we’re teaming up and supporting the nonprofit’s annual summer fundraising campaign. We’ll be matching the next $50,000 in supporter donations this month, and giving $20 1Password gift cards to the first 500 people who donate $50 or more. You can donate here to get involved and help eliminate weak, insecure website connections for good.

How Let’s Encrypt makes the world a safer place

If you open a new tab and navigate to 1Password.com, you’ll notice a padlock icon in the address bar. Click on that symbol or the URL, and you’ll see the acronym “HTTPS.” Those five characters are a web protocol that leverages a robust form of encryption called SSL or TLS. Most people rarely think about HTTPS. However, it makes a huge contribution toward keeping everyone safe on the web.

HTTPS only works if the site has an SSL/TLS certificate. Most of these need to be “signed” by a certificate authority like Let’s Encrypt. It’s the equivalent of a degree that’s been rubber-stamped by a reputable university. The difference here is that thanks to public and private encryption keys, your browser can check the SSL/TLS certificate and mathematically prove the identity of the authority and, by extension, the site you want to visit.

Without a valid certificate, you can’t be sure that your browser’s connection to the site is secure.

What makes Let’s Encrypt special

While there are many certificate authorities, Let’s Encrypt is one of a kind. It was set up in 2013 to provide free SSL/TLS certificates to any website owner who wanted to offer a HTTPS connection. The team issued its first certificate in 2015 and has since grown into the largest certificate authority in the world, servicing 260 million website domains and tens of billions of HTTPS page loads every day. To say it’s had an impact would be a massive understatement.

Let’s Encrypt certificates aren’t just free — they’re also convenient to use. With a bit of software running on a web server, any website owner can painlessly obtain, configure and automatically renew a certificate. This headache-free experience is possible because of the ACME Protocol, which Let’s Encrypt has published as an open standard that anyone can adopt.

Finally, Let’s Encrypt records every SSL/TLS certificate that it issues and revokes. That way, anyone can look at them and check that the authority is only issuing certificates to sites that truly deserve them.

Together, we can make a difference

Roughly 85 percent of websites now support HTTPS, thanks in large part to Let’s Encrypt. It’s a large number, but one that begs the question: What about the remaining 15 percent? That seemingly small figure represents hundreds of millions of sites, each one posing a security and privacy risk to anyone who visits them.

To make the web truly secure, HTTPS needs to be ubiquitous. And that means supporting teams like Let’s Encrypt that make it easier for sites to adopt the HTTPS protocol.

Despite its huge impact, Let’s Encrypt is a tiny team that relies entirely on charitable donations to operate. Its work is only possible thanks to the generosity of people who want to make the web a more secure and privacy-respecting place. That’s why we’ve partnered up for the nonprofit’s annual summer fundraising campaign. If you can, please consider making a donation. Together, we can ensure that every website has HTTPS enabled and eliminate weak, insecure connections for good.

Source