Free and open certificate authority Let’s Encrypt released its Billionth certificate on Thursday, four and a half years after the first certificate was given.
Let’s Encrypt is a secure, automatic, and accessible certificate authority (CA), sponsored by the Linux Foundation, introduced by the Internet Security Research Group (ISRG) to accelerate HTTPS adoption. It provides free digital certificates and also manages the task of handling certificates for site owners.
In December 2015, the CA opened officially and issued one million certificates by March 2016. It’d issued more than 100 million certificates by June 2017. By hindsight, the CA states, the Internet is now much more secure than it was back then.
Specifically, about 58 percent of the websites were loaded over HTTPS globally in June 2017 (64 percent in the United States), compared with 81 percent of the website loads now being provided over an encrypted connection (91 percent in the United States).
“Nothing drives adoption like ease of use, and the foundation for ease of use in the certificate space is our ACME protocol. ACME allows for extensive automation, which means computers can do most of the work. It was also standardized as RFC 8555 in 2019, which allows the Web community to confidently build an even richer ecosystem of software around it,” Josh Aas, ISRG executive director, mentioned.
ACME customers already exist for almost any delivery environment, Aas says.
Aas says, browsers have started requiring Encryption for more functionality for the past three years, and have also alerted their users about the risks associated with not using HTTPS. With clearer alerts emerging on pages using HTTP, more website owners have chosen to adopt HTTPS.
Let’s Encrypt currently services 192 million websites, but the CA remains a small organization with only 13 full-time employees and about $3.35 million in annual spending. It had operated 46 million websites back in 2017, with 11 full-time employees and a $2.61 million annual budget.
“As a community we’ve done incredible things to protect people on the Web. Having issued one billion certificates is affirmation of all the progress we’ve made as a community, and we’re excited to keep working with you to create an even more secure and privacy-respecting Web for everyone,” Aas notes.