The Linux Foundation is to host an open encryption project aimed at providing a free and easy way to protect the huge amount of data passed over the internet every day.
This data includes usernames and passwords, credit card data, cookies, and other types of sensitive or personal information.
While encryption can help protect this information, the secure sockets layer (SSL) certificates required for encryption on the internet have to date been difficult to obtain.
The non-profit Linux Foundation is to host the Let’s Encrypt project set up by the Internet Security Research Group (ISRG), a Californian public benefit organisation.
The Linux Foundation is dedicated to improving internet security and has a track record in helping build open-source communities around important projects, while ISRG’s mission is to reduce financial, technological and education barriers to secure communication over the internet.
Read more about SSL
- The security industry's 'blind trust' may result in a new wave of security threats caused by fake SSL certificates
- PrivDog compromises the secure sockets layer (SSL) protocol used to secure online transactions
- Microsoft has warned that an SSL certificate for the domain live.fi has been “improperly issued” and could be used to spoof content
- Security researchers say the newly-disclosed critical SSL weakness in Microsoft’s Windows operating system could be worse than Heartbleed
Let’s Encrypt is a free, automated and open security certificate authority that enables website owners to obtain security certificates in minutes to help protect online transactions.
The project is sponsored by Akamai, Cisco, Electronic Frontier Foundation, Mozilla, IdenTrust and Automattic.
ISRG and Let’s Encrypt will be hosted as a Linux Foundation Collaborative Project, which are independently funded software projects designed to tap into the power of collaborative development.
These projects span the enterprise, mobile, embedded and life sciences markets and are backed by some of the largest technology companies.
“While the web has been a part of our lives for decades now, the data shared across networks is still at risk,” said Linux Foundation executive director Jim Zemlin.
“By hosting this important encryption project in a neutral forum we can accelerate the work towards a free, automated and easy security certification process that benefits millions of people.”
ISRG executive director Josh Aas said encryption should be the default for the web.
“The web is a complicated place these days; it’s difficult for consumers to be in control of their data. The only reliable strategy for making sure that everyone’s private data and information is protected while in transit over the web is to encrypt everything. Let’s Encrypt simplifies this,” he said.