SoylentNews is people
SoylentNews
Let's encrypt, the free SSL CA has achieved a significant milestone. From their press release:
We're pleased to announce that we've received cross-signatures from IdenTrust, which means that our certificates are now trusted by all major browsers. This is a significant milestone since it means that visitors to websites using Let's Encrypt certificates can enjoy a secure browsing experience with no special configuration required. Both Let's Encrypt intermediate certificates, Let's Encrypt Authority X1 and Let's Encrypt Authority X2, received cross-signatures. Web servers will need to be configured to serve the appropriate cross-signature certificate as part of the trust chain. The Let's Encrypt client will handle this automatically.
You can see an example of a server using a Let's Encrypt certificate under a new cross-signed intermedate here.
Vital personal and business information is flowing over the Internet more frequently than ever, and it's time to encrypt all of it. That's why we created Let's Encrypt, and we're excited to be one big step closer to bringing secure connections to every corner of the Web.
This is hopefully a good step in the direction of an encrypted web!
(Score: 0) by Anonymous Coward on Wednesday October 21 2015, @01:59PM
This suggestion seems to appear on pretty much every thread about HTTPS, and I don't understand why it's not done. It's called opportunistic encryption [wikipedia.org]. HTTP/2 included some proposals for it, including one that Firefox implemented for a time... but it had a bug that allowed padlock sites to also bypass the certificate check. And for some reason, their fix for the bug was to remove the feature entirely (a reasonable first step...) and then apparently forget about the feature altogether.
(Score: 0) by Anonymous Coward on Wednesday October 21 2015, @05:03PM
They already got the press credit for adding the feature. What glory is there in tracing down a complicated but like that compared to doing another highly visible change?