[kwlug-disc] Let's Encrypt out of beta

B.S. bs27975 at yahoo.ca
Fri Apr 15 16:21:46 EDT 2016 


----- Original Message -----
> From: Paul Nijjar via kwlug-disc <kwlug-disc at kwlug.org>
> To: KWLUG discussion <kwlug-disc at kwlug.org>
> Cc: Paul Nijjar <paul_nijjar at yahoo.ca>
> Sent: Friday, April 15, 2016 2:59 PM
> Subject: Re: [kwlug-disc] Let's Encrypt out of beta
> 
.
.
.
(reordered)
.
> You may be right. Maybe this is FUD.

To be clear, the FUD was the unsubstantiated:

----- Original Message -----
> From: Paul Nijjar via kwlug-disc <kwlug-disc at kwlug.org>
> To: KWLUG discussion <kwlug-disc at kwlug.org>
> Cc: Paul Nijjar <paul_nijjar at yahoo.ca>
> Sent: Wednesday, April 13, 2016 3:33 PM
> Subject: Re: [kwlug-disc] Let's Encrypt out of beta
> 
> On Wed, Apr 13, 2016 at 05:40:01PM +0000, CrankyOldBugger wrote:
>> Here's an update on the Let's Encrypt project from LF:
>> 
>> 
> http://www.eweek.com/security/lets-encrypt-internet-security-initiative-exits-beta.html
> 
> 
> Huh. This tells me that the project is dangerous, because it depends on
> continued corporate sponsorship for its existence. Once our "friends"
> at the big companies drop their sponsorships, it will fall apart. 


in the face of all (hosted / public facing) projects, commercial or not, need funding. (And many do so in a similar way, yet do not appear to be dangerous.) In the face of the lack of substantiation, everybody should consider every project 'dangerous'. For 'newcomers' that won't yet 'know' any better, taking such at face value would not serve them well.

.
.
.
> Maybe the funding model becomes semi-gross, with different kinds of
> certificates being offered at different price levels.

https://en.wikipedia.org/wiki/Let%27s_Encrypt notes: By getting rid of payment, web server configuration, validation emails and dealing with expired certificates it is meant to significantly lower the complexity of setting up and maintaining TLS encryption.

So I don't expect a funding model change, and I hope it never does. Let the other players already out there do what they do for that level. To need such, presumably one has a (commercially?) viable web site, and can afford the fees. The point of "Let's Encrypt!" is simply to get it out there in a saturated way. At that level, and sticking to that level, may it have outstanding success.

kwlug is well aware of the additional burden of "icky money", so can well appreciate the approach.

More information about the kwlug-disc mailing list