SoylentNews is people
SoylentNews
Let's Encrypt has announced the generation of root and intermediate certificates, share the public keys, and show the layout of their operational structure. The keys are RSA (the Rivest, Shamir, and Adleman algorithm) for now with ECDSA (Elliptic Curve Digital Signature Algorithm) versions coming later this year.
The root certificates are for the Internet Security Research Group (ISRG) and separately for the Online Certificate Status Protocol (OCSP) for the ISRG. OCSP is described in RFC 6960 and used for revocation of certificates.
The intermediate certificates are for two different intermediate Let's Encrypt CA (Certificate Authority) servers named/numbered X1 and X2. These are cross-signed by the IdenTrust root CA for ease of deployment and use by existing browsers without the need for any modifications until the browsers add the ISRG root CA through updates. The Let's Encrypt intermediate CA X2 is only intended for disaster recovery in case of a non-functional X1. The Let's Encrypt announcement has a schematic of the structure.
The target is (or was) to launch the Let's Encrypt service in the second quarter of 2015 (which ends this month) and they plan on further announcements during the next few weeks.
Original Submission
(Score: 2) by Gravis on Wednesday June 10 2015, @04:48AM
SSL is not necessarily "owned" by NSA, GCHQ or anybody else, unless we use weak/flawed cryptographic algorithms/software.
"not necessarily" is just pedantry. when it comes to encryption, it's either secure or it's insecure (aka owned).
check out this wikipedia chart [wikipedia.org]. SSL 2.0 and SSL 3.0 are both insecure and have been replaced with TLS.