As we've called for widespread use of HTTPS, the cost and complexity of the certificate system has been an obstacle.
In 2015, a certificate authority, trusted by mainstream web browsers, will issue certificates for web servers automatically at no charge in under a minute. This CA will automatically perform Domain Validation (DV) to verify applicants' control over domain names. The associated software can optionally reconfigure their web servers and deploy the new certificates immediately. We'll take a look at how the Let's Encrypt CA works, our ACME protocol for requesting and issuing certs, and the client software that can automate the process. And we'll demonstrate what the experience of getting a cert from the new CA may look like for webmasters (don't look away, or you might miss it!). We'll also talk about who's behind Let's Encrypt and some of the measures we're considering for preventing misissuance of certs. Of course, you're invited to test and help perfect the process.
Speakers: Seth Schoen