Let’s Encrypt - Minting Free Certificates to Encrypt the Entire Web Peter Eckersley Electronic Frontier Foundation James Kasten Electronic Frontier Foundation Yan Zhu Electronic Frontier Foundation Let’s Encrypt is a new certificate authority that is being launched by EFF in collaboration with Mozilla, Cisco, Akamai, IdenTrust, and a team at the University of Michigan. It will issue certificates for free, using a new automated protocol called ACME for verification of domain control and issuance. This talk will describe the features of the CA and available clients at launch; explore the security challenges inherent in building such a system; and its effect on the security of the CA marketplace as a whole. We will also update our place on the roadmap to a Web that uses HTTPS by default. Peter Eckersley is Chief Computer Scientist for the Electronic Frontier Foundation. He leads a team of technologists who watch for technologies that, by accident or design, pose a risk to computer users’ freedoms—and then look for ways to fix them. They write code to make the Internet more secure, more open, and safer against surveillance and censorship. They explain gadgets to lawyers and policymakers, and law and policy to gadgets. Aside from Let’s Encrypt, Peter’s other work at EFF has included privacy and security projects such as Panopticlick, HTTPS Everywhere, SSDI, and the SSL Observatory; helping to launch a movement for open wireless networks; fighting to keep modern computing platforms open; and running the first controlled tests to confirm that Comcast was using forged reset packets to interfere with P2P protocols. Peter holds a PhD in computer science and law from the University of Melbourne. James Kasten is a PhD candidate in Computer Science and Engineering at the University of Michigan and a STIET fellow. James is also a contractor at the Electronic Frontier Foundation. His research focuses on practical network security and PKI. James has published on the state of TLS, its certificate ecosystem and its vulnerabilities. Most notably, James has helped design the protocol and launch the technology behind Let’s Encrypt. Yan is a security engineer at Yahoo, mostly working on End-to-End email encryption and improving TLS usage. She is also a Technology Fellow at EFF and a core developer of Let’s Encrypt, HTTPS Everywhere, Privacy Badger Firefox, and SecureDrop. Yan has held a variety of jobs in the past, ranging from hacking web apps to composing modern orchestra music. She got a B.S. from MIT in 2012 and is a proud PhD dropout from Stanford. Yan has been a speaker at HOPE, DEFCON 22, jQuerySF, Real World Crypto, SXSW, and various other human gatherings. She is @bcrypt on Twitter.