A promise that actually was delivered upon – is this real life? Back in summer 2017, Let’s Encrypt, the free and open certificate authority (CA), said they’d soon deliver “wildcard” certificates to enable secure HTTP connections for entire domains – for free.
The great day is today and it’s time to highlight their great work in democratizing security for the masses.
The full story is here and is certainly worth a read. Here’s the gist:
“ACMEv2 is an updated version of our [Automated Certificate Management Environment] ACME protocol which has gone through the IETF standards process, taking into account feedback from industry experts and other organizations that might want to use the ACME protocol for certificate issuance and management someday.
Wildcard certificates allow you to secure all subdomains of a domain with a single certificate. Wildcard certificates can make certificate management easier in some cases, and we want to address those cases in order to help get the Web to 100% HTTPS.”
The folks at Let’s Encrypt added: “We still recommend non-wildcard certificates for most use cases.”
For the full technical rundown for ACMEv2 and wildcard certificates, dig in here.
HTTPS – So easy Wile E. Coyote can do it, thanks to ACME.
// Return false to prevent the submission handler from taking the lead to the follow up url
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Blog. Read the original post at: https://threatmatrix.cylance.com/en_us/home/lets-encrypt-delivers-on-promise-of-secure-http-connections.html