The service, provided through the Internet Security Research Group (ISRG), a California public benefit corporation, will launch in 2015 and offer anyone with a domain name a free trusted certificate.
Josh Aas, executive director of ISRG, said in a Tuesday interview with SCMagazine.com that the seed for Let's Encrypt was planted while he worked on designing HTTP/2.
“There was a lot of discussion about making encryption mandatory, and I was in support of that,” he said. “But the major criticism was that it was too hard to get certificates. There were cost and complexity barriers there.”
Let's Encrypt addresses those obstacles. The software will obtain a browser-trusted certificate for domain owners and set it up on their web servers. Then, it will keep track of when the certificate is set to expire, at which point it will be automatically renewed.
The tech community seems to be intrigued by the idea, Aas said.
“The response to this has been overwhelmingly positive,” he continued. “It's not very hard to convince people that this is a way to increase encryption on the web.”
In addition to Mozilla, Cisco and Akamai, the University of Michigan, Stanford Law School, CoreOS and the Electronic Frontier Foundation (EFF) are listed on the ISRG Board of Directors.