• Feeling isolated? You're not alone.

    Join 20,000+ people who understand exactly how your day went. Whether you're newly diagnosed, self-identified, or supporting someone you love – this is a space where you don't have to explain yourself.

    Join the Conversation → It's free, anonymous, and supportive.

    As a member, you'll get:

    • A community that actually gets it – no judgment, no explanations needed
    • Private forums for sensitive topics (hidden from search engines)
    • Real-time chat with others who share your experiences
    • Your own blog to document your journey

    You've found your people. Create your free account

Potential alternative for web encryption - Please review

It's not so much a new replacement as it's just offering more choices. The important factor of Let's Encrypt, is that it makes it easy for website owners to enable HTTPS on their websites, without having to go through the process of obtaining a certificate from a commercial CA, and that potentially helps to improve both security and privacy online.

It's an issue of trust. Which entities are more trustworthy? Can any be trusted? It has become exceedingly difficult to trust major corporations and other entities and retain any kind of confidence in how they handle their policies and practices. It gives people more options and that's great. Additionally, it helps to comply with other standards such as HTTPS Everywhere, which is also helpful.
 
Commercial CAs are ok. Not necessarily better than a free one, but ok.

BTW - HTTPS has been around a very long time by IT standards. It's been universally available on commercial platforms for decades.
All the certs have to follow the same standard so they can interoperate. There cannot be anything special about "Let's Encrypt's" certs. It's nice that they're free of course, but there's no way they're more secure than anyone else's.
 
Let's Encrypt is a good service. However, IT people are generally reluctant to change something that is working without a very compelling reason. I personally completely removed my reliance on google products after they cancelled one too many things I used. Whether avoiding google to switch to another product, free or not, is worth it is a calculation that has to be made.
 
My customers always have a relationship with a CA or a middleman. I've never used Google.
Basic certs are quite cheap though - the ones I use (minimal metadata in the cert) cost about USD 20 per year.

Now and then I work with customers that have their own CAs, a surprisingly high proportion of those haven't understood what they were doing /lol.

If anyone is interested, I can paste in the text version of a signer certificate.
 
RESleight said:
It's an issue of trust. Which entities are more trustworthy? Can any be trusted? It has become exceedingly difficult to trust major corporations and other entities and retain any kind of confidence in how they handle their policies and practices. It gives people more options and that's great. Additionally, it helps to comply with other standards such as HTTPS Everywhere, which is also helpful.
Click to expand...
And Let's Encrypt is funded by...


Google
Amazon
Facebook
...

https://www.abetterinternet.org/sponsors/
 
You must log in or register to reply here.

New Threads

Top Bottom