The Internet Security Research Group is launching a "free, automated and open certificate authority" called Let's...
Encrypt, and certificates are now available in limited beta. How does this work, and is it as secure as using a paid certificate authority? Are there any caveats enterprises should be aware of?
Digital certificates are at the heart of secure communications over the Internet, enabling a user or device to verify who they are communicating with and ensure those communications are private. Many enterprise websites use them, but for smaller sites they often prove difficult and frustrating to install and renew, and typically don't come cheap. To solve this problem and make HTTPS more widely accessible, a new certificate authority called Let's Encrypt will begin issuing free X.509 certificates via an automated and hopefully easy process to anybody who owns a Web domain.
Let's Encrypt is an open certificate authority (CA) service provided by the Internet Security Research Group (ISRG), a public benefit organization supported by organization's such as the Mozilla Foundation, Cisco, Akamai, the Electronic Frontier Foundation and IdenTrust; the Linux Foundation has provided staffing and administrative work.
While most CAs provide help on how to install a certificate, it can still be a confusing and stressful task for the less-experienced administrator. In contrast, the Let's Encrypt certificate management client runs on the administrator's own Web server and automates the certificate issuance and install process, enabling those who don't necessarily have the skills, budget or time to install a Web server certificate to configure their server to use HTTPS and automatically take care of certificate renewal. The protocol used to automate enrolling is called Automated Certificate Management Environment. It's still a work in progress and a draft specification is available on GitHub, and a version has been posted as an Internet Draft Link.
Let's Encrypt uses a two-step process to set up a certificate on a Web server. First, the agent proves to the CA that the Web server controls a domain. The Let's Encrypt CA will issue a challenge such as provisioning a DNS record or HTTP resource, and a nonce that the agent must sign with its private key pair to prove it controls the key pair. Once the CA has verified the challenges have been satisfied, the agent identified by the public key is authorized to perform certificate management tasks for that domain. Once the agent has an authorized key pair, requesting, renewing and revoking certificates is just a case of signing certificate management messages with the authorized key pair. For example, to revoke a certificate, the agent signs a revocation request with the authorized key pair, and once the CA verifies the request, it publishes revocation information to the normal revocation channels of CRLs and OCSP.
Let's Encrypt issues DV (Domain Validated) certificates, meaning only ownership of the domain has been verified. An extended validation (EV) SSL certificate, which activates the padlock and the green address bar in modern browsers, require CAs to carry out additional checks to establish the legal identity, as well as the operational and physical presence of the website owner. Because of this, EV certificates cost a lot more than DV certificates, up to $1,000. Not a huge amount for a large organization, but the cost adds up, as enterprises may needs hundreds of certificates.
Trust in digital certificates relies on CAs having a robust and secure infrastructure and certificate issuance procedures that minimize the possibility of fraudulent certificate issuance. Sadly, some CAs are failing on both fronts. CAs such as Comodo and DigiNotar have been attacked and compromised, allowing hackers to digitally impersonate organizations like Facebook, Twitter, Skype, Google and the CIA. Other CAs have been guilty of poor practices; an intermediate CA certificate of ANSSI, the French Cyber Security agency, was used to generate fake certificates used to carry out man-in-the-middle attacks, and MCS Holdings based in Egypt, an intermediate certificate authority that operates under the China Internet Network Information Center, issued unauthorized digital certificates for various Google domains.
Given this state of affairs, Let's Encrypt should definitely be a CA that enterprises look to trial in instances where an EV certificate is not required. Ease of certificate management is a big plus point and means organizations could rotate their certificates more frequently. Some administrators will feel uncomfortable using a certificate from a noncommercial organization, and hosting providers may be reluctant to incorporate a nonprofit making certificate into their offerings for smaller businesses. However, a free CA will surely prove popular if it avoids the problems of misissuance and compromise that other CAs have had, and a DV certificate is better than no certificate at all even, if the authentication process is minimal.
Note: CAs have to apply to have their root certificates installed within major Web browsers, a process that can take as long as three years. So that Let's Encrypt certificates will be accepted by all major browsers, ISRG's root certificate will be cross-signed by IdenTrust, a CA owned by smartphone government ID card provider HID Global, until that application process is complete. All ISRG keys are currently RSA keys, but the plan is to generate Elliptic Curve Digital Signature Algorithm-based keys later this year. Let's Encrypt is scheduled to enter public beta on Dec. 3.
Learn more about the DNSSEC protocol and how it compares to certificate authorities
Dig Deeper on Web browser security
Related Q&A from Michael Cobb
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown. Continue Reading
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading
WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.