In case you’ve been in a cave, you may not have noticed Web security is a mess. Gmail had fits this weekend with sending mail because the mail server tasked with sending messages had an expired security certificate. Before that, a Secure-Socket Layer (SSL) encryption problem that had been hiding in the code since the 1990s opened the door to the FREAK security hole. It’s clear the industry needs to get its act together when it comes to web site encryption. The Internet Security Research Group (ISRG) with its Let’s Encrypt project wants to give us that fix.
Securing the web once and for all: The Let’s Encrypt Project. More>