How large is Let's Encrypt compared to other CAs?


#1

Is it already among the CAs with the most issued certificates?

I mean the stats of Let’s Encrypt itself are nice, but it is always good to see some comparison. :smiley:


#2

About 0.8% of all certs in the world are issued by LE.


#3

https://w3techs.com/technologies/overview/ssl_certificate/all
LE is shown as IdenTrust, because of its anchor.


#4

Actually in your stats also Let’s Encrypt is shown:

less than 0.1%
0.1%

But I doubt that IdenTrust itself issues so many certs as to show the difference.

Also here both LE and IdenTrust are listed.


#5

I suppose most stats are badly broken (with SNI, how can you be sure that you have seen all possible certificates?). There was also a list of the number of certificates issued per CA in a talk at the 23C3; based on this list LE should currently be No. 1 by a wide margin.


#6

IdenTrust seems to have issued very few certificates:

https://crt.sh/?Identity=%&iCAID=1588&p=1&n=200
https://crt.sh/?Identity=%&iCAID=277&p=1&n=300

DST Root CA X3’s child CAs: https://crt.sh/?caid=276


#7

This only includes certs published via Certificate Transparency, and these are of course not necessarily all they issued.


#8

That IdenTrust’s usage (including 23 614 certificates issued by Let’s Encrypt) was less than 0,1 % as late as 1 December¹ (two days before Let’s Encrypt entered public beta) confirms that they have issued “very few certificates” (compared to the 221 862 certificates Let’s Encrypt had issued a month later).

¹ https://w3techs.com/technologies/history_overview/ssl_certificate/all


#9

It’s worth noticing for a moment that Let’s Encrypt specifically only issues certificates for (what is often known as) the web PKI. A lot of the statistics we’re talking about are either specifically limited to the web PKI or in practice have very little visibility beyond that.

By the web PKI what I mean is the public key infrastructure that grew up as a result of SSL (and then TLS) on the public Internet, roughly the stuff that’s covered by the Baseline Requirements of the CA/B forum. Most obviously that includes https://google.com/ but at the edges it touches on an IMAP server doing STARTTLS or an internal-only test server knocked up with a few lines of Python and granted a certificate using ACME DNS validation even though the actual server has no Internet access.

Certificate Transparency only applies to the web PKI (in fact you can’t even submit certificates that don’t seem to chain back to what Google considers root CAs for the web PKI), web surveys like w3tech only look at the (presumably large) fraction of the web PKI that’s actually on the public world wide web, and “browser market share” estimates often only actually ask the CAs about their SSL business and may specifically exclude certificates they’re selling outside the web PKI.

It looks reasonable to believe, though it’s hard to be entirely certain, that Let’s Encrypt are among the top five CAs in terms of the web PKI and ranking based on volume of current valid certificates or names certified.

But there are a LOT of other certificates out there, beyond the web PKI.

Firstly: private CAs operating in parallel with the web PKI. Many commercial CAs operate one or more entirely parallel CA roots, such as Entrust’s L1R, not included in popular trust stores and used largely for internal systems at corporations where all company computers can be compelled to trust the special private root key. Since they’re not publicly trusted they don’t need to obey the BRs, which means they can have streamlined request processes (e.g. just sign in with your password, and we’ll issue any certificate you want), permit obsolete crypto algorithms (still want MD5 in 2016? No problem), ignore name rules (machine named exchange.corp? Sure, seems fine) and so on. A lot of practices that were outlawed for the web PKI due to their risk continue in private.

Many commercial CAs also offer certificates for S/MIME. Never as generally popular as email itself, S/MIME lives on in some applications and because certificates are issued to individual users / email addresses it’s not at all unreasonable to imagine that tens of millions or even more of these certificates might be issued each year from CAs.

And then there are less common Internet-related certificate types such as IPsec certificates, VPN certificates, and certificates for 802.1x (often on WiFi) authentication.

Beyond that you’ve got certificates for code signing and signing virtual contracts, and certificates baked into physical devices such as payment terminals. iPhones, Microsoft domain servers, lots of things have certificates. Some of them, perhaps more than you’d think, end up being issued by the major commercial CAs, even just because they know how to fill out the forms correctly.

If you only care about the web PKI (and probably lots of people do) that makes Let’s Encrypt very important. But in other contexts they’re irrelevant, and it is worth being a bit humble about that.


#10

Good explanation of the different certificate types; however, as you also said, one fact is for sure: the web PKI is the biggest PKI.
As HTTPS is probably the most widespread protocol with encryption built in, it is only reasonable to assume that the web PKI is the biggest one. All other certificates are more or less edge cases compared to the whole web.


#11

New data :tada::

BTW: Can an admin please open Let's Encrypt statistics? I think it is worth it for this thread to stay open.


#12

Also have a look at these statistics: https://ct.tacticalsecret.com/