EFF Certificate Authority - Free SSLs! - Lets Encrypt

Discussion in 'Hosting Talk & Reviews' started by Steven F, Nov 18, 2014.

  1. Steven F

    Steven F New Member Verified Provider

    475
    147
    Jun 27, 2013
    drmike and MannDude like this.
  2. MannDude

    MannDude Just a dude vpsBoard Founder Moderator

    5,036
    2,634
    Mar 8, 2013
    MannDude
    Good for them. As long as they're recognized by browsers, it'll be great.
     
    yomero likes this.
  3. splitice

    splitice Just a little bit crazy... Verified Provider

    550
    252
    Jun 16, 2013
    I strongly approve.
     
  4. mojeda

    mojeda New Member

    347
    183
    May 14, 2013
    Awesome.
     
  5. k0nsl

    k0nsl Bad Goy

    444
    191
    Dec 15, 2013
    /me lieks  :wub: 
     
  6. HalfEatenPie

    HalfEatenPie The Irrational One Retired Staff

    2,890
    1,386
    Mar 25, 2013
    HalfEatenPie
    I wonder what the other CAs would do (the ones that make you pay). Maybe have better encryption algo? Or maybe focus more on background-checks and make sure they're able to provide detail on who they are via the cert?

    I don't know...
     
  7. yomero

    yomero New Member

    72
    21
    May 16, 2013
    Yep, but personally I don't think that will happen anytime soon. Mozilla, ok, chrome, maybe? IE??? Hmmm... (Hint: cacert).
     
    switsys likes this.
  8. splitice

    splitice Just a little bit crazy... Verified Provider

    550
    252
    Jun 16, 2013
    I don't see a problem with it being accepted. Its probably the primary reason for the 2015 release (technically its not complex to run a C.A).

    The main risk I see is easy access to certificates for impersonation but I am sure they work around this through stringent validation of authorized domains (e.g restriction to domain contacts).
     
  9. sv01

    sv01 Slow but sure

    426
    87
    May 17, 2013
    let's hope they don't ended like affirmtrust.com, never launching to public
     
  10. comXyz

    comXyz New Member

    245
    41
    Jul 4, 2014
    I still use StartSSL for my small websites. For me it's good enough.

    Sure I will check it out when it releases to public ^_^
     
  11. raindog308

    raindog308 vpsBoard Premium Member Moderator

    877
    675
    May 16, 2013
    Even a "normal" cert with an optional donation.


    Yes, I'd pay $5 or $10 to get my SSL from EFF as opposed to a commercial vendor.
     
    Last edited by a moderator: Nov 19, 2014
  12. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    Awesome! Please bring it to market.

    And thank you @Steven F for posting about this.
     
  13. switsys

    switsys Active Member

    204
    60
    Jul 18, 2013
    Nice with another free CA.

    Let's see if this one carries more weight than the former one.
     
  14. Abdussamad

    Abdussamad New Member

    87
    11
    May 17, 2013
    They're partnering with an existing CA from the old guard so there must be some plan. According to this article they are trying to make it easier to get and install a cert. If you have root access to your server you run their script and it acquires the cert and does the server configuration for you. But most people are on shared hosting where they don't have root access so how will they get a free cert? Perhaps they can't and that is how identrust keeps its market for commercial certs.
     
    Last edited by a moderator: Nov 19, 2014
  15. lbft

    lbft New Member

    178
    161
    May 15, 2013
    The commercial vendors can offer a couple of things that a free cert can't:

    • Those dumb little logos you can put on your site, that when clicked on give assurance that the site can be trusted and mention an impressively large sounding insurance policy that has never paid out in the history of the universe. Customers of e-commerce sites love them even though they don't mean anything.
    • EV certs: nobody is going to give away EV certs for free. As more sites have regular certs (and browser chrome gives EV certs more emphasis) there'll be a shift towards EV certs which are a lot more profitable.
     
    Wintereise likes this.
  16. Wild1145

    Wild1145 New Member

    6
    0
    Nov 1, 2014
    It would be good if everyone was using https, just as peace of mind for those that are not as internet savvy, but in all fairness, Cloudflare offers a secure connection now between the client and cloudflare, and thats enough for some people. 
     
  17. fixidixi

    fixidixi Active Member

    307
    71
    May 17, 2013
    "you run their script and it acquires the cert and does the server configuration for you"

    well aint gona happen.

    @max: it'll grab the cert and download it to the vps, then. well stops as im going to use that cert as i see fit :D.
     
  18. splitice

    splitice Just a little bit crazy... Verified Provider

    550
    252
    Jun 16, 2013
    Its an open protocol for requesting certificates. Its quite nice actually, currently working on a PHP client.
     
  19. TurnkeyInternet

    TurnkeyInternet Active Member Verified Provider

    139
    33
    Sep 30, 2014
    This would be a great thing if it makes to market and is compatible - I think automation is the key, globalsign with its 1-click for instance saves so much time its worth paying for over 'free' if you are the hosting company.   But its hard to argue with free!
     
  20. fixidixi

    fixidixi Active Member

    307
    71
    May 17, 2013
    My question is how are they going to handle verification:

    a) if its a pain in the *swearword* then well its still not that easy to get

    b) then all sorts of idiots are going to misuse it..

    well... :)