Month: January 2016

Let’s Encrypt are right: HTTPS does not mean a site can be trusted
Security

Let’s Encrypt are right: HTTPS does not mean a site can be trusted

Preface: Let's Encrypt is a project that aims to make SSL certificates free and easily available for anyone and everyone. Their aim is to create a more secure internet. Read all about them on their site here. Also for this article to make sense you'll need to understand two of the types of certificates available. Domain Validation and Extended Validation. Domain Validation certificates merely make sure your connection to a website is encrypted. Extended Validation certificates are used by companies to prove to the user that you're talking to a legitimate business as well as that your connection to the server is encrypted. Let's Encrypt were recently in the news as a certificate issued by them was used by a malvertising website. Despite being made aware of this, they refused to revoke the ...