- ITDM 2025 전망 | “비전을 품은 기술 투자, 모두가 주춤한 시기에 진가 발휘할 것” 컬리 박성철 본부장
- 최형광 칼럼 | 2025 CES @혁신기술 리터러시
- The Model Context Protocol: Simplifying Building AI apps with Anthropic Claude Desktop and Docker | Docker
- This robot vacuum and mop performs as well as some flagship models - but at half the price
- Finally, a ThinkPad model that checks all the boxes for me as a working professional
Let’s Encrypt Issues Three Billionth Certificate
The non-profit that runs Let’s Encrypt has revealed the open certificate authority (CA) passed the three billion mark for certificates issued this autumn, making the internet a safer place in the process.
Let’s Encrypt was launched in 2015 with a simple mission: offer X.509 certificates for Transport Layer Security (TLS) encryption at no charge. In so doing, it has rapidly increased the number of websites able to secure their communications with users via HTTPS.
According to a new report from the Internet Security Research Group (ISRG), the non-profit behind Let’s Encrypt, usage grew by more than 33 million domains in 2022.
As of November 1 2022, Let’s Encrypt provides TLS to over 309 million domains via 239 million active certificates. It added that 82% of pages loaded by Firefox now use HTTPS globally.
While the initiative took five years to issue its billionth certificate, it reached three billion just two years later. That indicates both its acceptance by mainstream browsers and operating systems, and the tremendous appetite for TLS certificates to secure machine identities today.
However, in the past, security experts have also noted that threat actors used Let’s Encrypt-issued certificates to hide their own malfeasance and legitimize phishing sites.
It’s also true that, as the number of machine identities spirals, the need to properly manage and keep track of them becomes more important – or else they could be hijacked by cyber-criminals.
However, ISRG executive director, Josh Aas noted several improvements the non-profit is making behind the scenes.
One is designed to make it easier for users to renew their certificates quickly if, as happened earlier this year, the authority is forced to revoke them for any reason.
“We’ve developed a specification for automating certificate renewal signals so that our subscribers can handle revocation/renewal events as easily as they can get certificates in the first place (it just happens automatically in the background),” he said.
“That specification is making its way through the IETF standards process so that the whole ecosystem can benefit, and we plan to deploy it in production at Let’s Encrypt shortly.”
Editorial credit icon image: monticello / Shutterstock.com