SoylentNews

martyb [soylentnews.org] writes:

https://www.securityweek.com/lets-encrypt-now-trusted-all-major-root-programs [securityweek.com]:

Let’s Encrypt root, ISRG Root X1, is now trusted by all major root programs, including Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry.

[...] At the end of July 2018, Let’s Encrypt received direct trust from Microsoft products, which resulted in it being trusted by all major root programs. The CA’s certificates are cross-signed by IdenTrust, and have been widely trusted since the beginning.

“Browsers and operating systems have not, by default, directly trusted Let’s Encrypt certificates, but they trust IdenTrust, and IdenTrust trusts us, so we are trusted indirectly. IdenTrust is a critical partner in our effort to secure the Web, as they have allowed us to provide widely trusted certificates from day one,” noted [letsencrypt.org] Josh Aas, Executive Director of ISRG.

[...] While some of these [older operating systems, browsers, and devices] are expected to be updated to trust the CA, others won’t, and it might take at least five more years until most of them cycle out of the Web ecosystem. Until that happens, Let’s Encrypt will continue to use a cross signature [from IdenTrust].

Original Submission