Will Let's Encrypt threaten commercial certificate authorities?

The new free certificate authority is a great idea, as far as it goes. Should Symantec and the other big CAs be worried? Probably not.
Written by Larry Seltzer, Contributor

Everyone's pro-encryption these days, unless they're part of the surveillance state. But cryptography is hard, and good cryptography tends to be both hard and expensive. As a result, only a small percentage of Internet traffic is encrypted. Surveys I've seen (such as this one) disagree on the numbers, but it's almost always under 10 percent.

Now some big Internet players are launching a free certificate authority they call Let's Encrypt. Mozilla, Akamai, Cisco, the EFF and IdenTrust are the sponsors. Researchers at the University of Michigan are also involved (i.e. as free labor). They are targeting Q2 2015 for launch.

It's all coordinated through an organization called the ISRG (Internet Security Research Group), which I think must be the same thing as Let's Encrypt at this point, since it doesn't even appear to have a web site. The mission of the ISRG is "... to reduce financial, technological, and education barriers to secure communication over the Internet" so, presumably, it could be the coordinating body for efforts similar to Let's Encrypt.

Let's Encrypt will create a certificate authority which is:

  • Free, as in beer, meaning no charge for certificates
  • Automatic, meaning that the installation, configuration and renewal require no actions by the user/administrator
  • Secure, meaning they are committed to being a model of best practice in their own operations
  • Transparent, in that records of all certificate issuance or revocation will be publicly available
  • Open, meaning that the automatic issuance and renewal operations will be published as an open standard
  • Cooperative, meaning that it's controlled by a multi-stakeholder organization and exists to benefit the community, not any of the consortium members

So, should Symantec and the other big certificate authorities be worried? If we assume that these certificates and the service will be high-quality, why would anyone pay? Because the cost of the certificate isn't really a big problem for larger organizations, and businesses are usually more comfortable doing business with other businesses than with an unaccountable collection of do-gooders.

Those larger organizations are much more likely to be using SSL/TLS extensively already. They may not be using it everywhere they could or should, but it's not likely the cost of the certificates or anything else related to the bullet points above that is preventing them. It's the hassle, the perception of other costs attendant to SSL/TLS and the fear of breaking things that are working fine as-is.

I spoke to Symantec which, having bought and incorporated Verisign many years ago, is the largest of the commercial CAs. (Full disclosure: Many years ago I did consulting work for Verisign; it ended not long after Symantec acquired the company.)

The company says that they knew something like this would happen and that they are prepared for it, and it's not hard to see why. Symantec is number one, but they do have competition. If certificates were just commodity items then customers would just look for the cheapest option (as little as $4.99 per year). Symantec, not surprisingly, says there is more to it.

It's worth pointing out that there are three kinds of SSL certificates: Domain Validated (DV), Organization Validated (OV) and Extended Validation (EV). To get a DV cert you only need to prove that you control the domain for which the certificate is issued; nothing in the certificate says who you are. For an OV cert the CA also verifies, against third-party records such as a business registry, that the applying organization exists and is the party controlling the domain, and it puts the organization's name in the certificate's subject. For an EV cert, the kind that turns your browser address bar green, you need to provide much more extensive documentation of the organization's legal identity, and there are no personal EV certs.


The very fact that the Let's Encrypt process is automated means that they will not be able to offer anything other than DV certificates. To many companies this isn't enough. Note that you do see a lot of EV certificates now and nobody has to use them; the organizations perceive that users recognize and respect the green thing.

With OV certs there is no such obvious visual cue; to tell that a certificate was OV, you would need to examine the certificate properties, and nobody does that (well, I do it sometimes, but that doesn't count). But there are some systems, such as the Norton Secured Seal, which require either OV or EV certificates for the site. Symantec says that it is used widely and that users respect it. With Let's Encrypt, on the other hand, anyone with a domain can get SSL with no proof whatever of who they are.
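Since the difference between DV, OV and EV is visible only in the certificate's fields, here is how a practitioner reads them. This is an added example, not code from the article or from any CA: it takes the subject line as printed by `openssl x509 -noout -subject -nameopt RFC2253` together with the certificatePolicies OIDs a certificate viewer lists, and classifies the certificate. The policy OIDs are the CA/Browser Forum reserved identifiers; the subject parser is deliberately simple (it handles backslash-escaped commas only), and the sample subjects are constructed, not taken from real certificates.

```python
"""Tell DV, OV and EV certificates apart from the fields a certificate viewer shows."""
import re

# CA/Browser Forum reserved certificatePolicies OIDs that CAs assert per validation level.
CABF_POLICY = {
    "2.23.140.1.2.1": "DV",  # domain-validated
    "2.23.140.1.2.2": "OV",  # organization-validated
    "2.23.140.1.1": "EV",    # extended validation
}

# RFC 2253 short names (and dotted OIDs OpenSSL may print) -> attribute names used below.
SHORT_NAMES = {
    "CN": "commonName", "O": "organizationName", "OU": "organizationalUnitName",
    "C": "countryName", "ST": "stateOrProvinceName", "L": "localityName",
    "jurisdictionC": "jurisdictionCountryName",
    "jurisdictionST": "jurisdictionStateOrProvinceName",
    "jurisdictionL": "jurisdictionLocalityName",
    "2.5.4.15": "businessCategory",
    "2.5.4.5": "serialNumber",
    "1.3.6.1.4.1.311.60.2.1.3": "jurisdictionCountryName",
}

# Subject attributes the EV Guidelines require in addition to the organization name.
EV_REQUIRED = {"businessCategory", "serialNumber", "jurisdictionCountryName"}


def parse_subject(rfc2253):
    """Split 'CN=a,O=Example\\, Inc.,C=US' into {'commonName': 'a', ...}.

    Simplified: splits on commas not preceded by a backslash and unescapes '\\,' only.
    """
    attrs = {}
    for part in re.split(r"(?<!\\),", rfc2253):
        if not part.strip():
            continue
        name, _, value = part.partition("=")
        name = name.strip()
        attrs[SHORT_NAMES.get(name, name)] = value.replace("\\,", ",").strip()
    return attrs


def classify(subject, policy_oids):
    """Return (level, reason) where level is 'DV', 'OV' or 'EV'.

    EV is only reported when the EV policy OID is asserted AND the subject carries the
    organization name plus the jurisdiction/registration fields; a cert that asserts EV
    without them is downgraded to what its subject actually supports.
    """
    attrs = parse_subject(subject)
    declared = {CABF_POLICY[o] for o in policy_oids if o in CABF_POLICY}
    org = attrs.get("organizationName")
    if "EV" in declared:
        missing = EV_REQUIRED - set(attrs)
        if org and not missing:
            return "EV", f"EV policy OID present, O={org!r} with jurisdiction and registration fields"
        level = "OV" if org else "DV"
        return level, "EV policy OID asserted but subject lacks: " + ", ".join(sorted(missing | ({"organizationName"} if not org else set())))
    if org:
        return "OV", f"subject carries O={org!r}; no EV policy OID"
    return "DV", "subject identifies only a domain name; nothing about who operates it"


# Constructed inputs (not real certificates): the three shapes you see in a certificate viewer.
SAMPLES = {
    # What an automated, domain-only CA issues: a name and nothing else.
    "dv": ("CN=www.example.com", ["2.23.140.1.2.1"]),
    "ov": ("CN=www.example.com,O=Example Corp,L=Springfield,ST=Illinois,C=US",
           ["2.23.140.1.2.2"]),
    "ev": ("CN=www.example.com,O=Example Corp,L=Springfield,ST=Illinois,C=US,"
           "serialNumber=5512345,businessCategory=Private Organization,jurisdictionC=US",
           ["2.23.140.1.1"]),
}

if __name__ == "__main__":
    for name, (subject, oids) in SAMPLES.items():
        level, reason = classify(subject, oids)
        print(f"{name:>3}: {level}  ({reason})")
```

The point the classifier makes concrete is the one the paragraph above does: a DV certificate's subject contains a domain name and nothing else, so the only identity it conveys is "whoever controls this DNS name", whereas OV and EV certificates carry the organization fields a relying party would have to open the certificate to see.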

For the very reason that they compete with each other, the commercial CAs that charge hundreds of dollars a year for a certificate must prove their business value. They do this in many ways. One is an infrastructure that stays responsive, for instance to revocation checking: browsers that query the CA's OCSP responders or fetch its CRLs need fast answers, and a slow or unreachable responder is felt on every connection to the customer's site. Another is support of a kind you can't expect from a completely automated service like Let's Encrypt or from the cheap CAs.

Symantec also recounts the story of the days after the revelation of the Heartbleed bug. They quickly scanned all customer sites to see if they were vulnerable and reached out to customers if they were, offering tools and resources to help them.

I find Symantec's arguments reasonable. If Let's Encrypt is a threat to anyone, it's to the $4.99 per year guys. If you're buying that kind of certificate, it's clear that you just want the lock icon or to meet some contractual requirement to use SSL, and a respected free certificate serves your purposes as well as a cheap one.

Don't get me wrong, if they can get it working as they promise, Let's Encrypt removes any excuse for a site not to use SSL. They make it free and no-hassle. This is a good thing, even if the authentication is extremely weak. And there are some issues left to resolve.

The bottom line is that the new imperative for SSL, generally deriving from reactions to the Edward Snowden revelations of government surveillance, is all about encryption, not authentication. SSL certificates perform both tasks and I think privacy advocates who emphasize encryption with only passing regard for authentication make a mistake by doing so. I suspect users and the various advocates will discover this some day and demand that the ISRG launch Let's Authenticate. That will be a much harder job.
