How will this affect the IGTF?


For a long time, the IGTF has managed the policies of three PMAs. These PMAs managed the CA’s for various national and regional institutes involved in research, most notably the WLCG.

Would it be possible or desirable to include the LE CA in one or all of these PMAs ?

Since we are interested in creating a PMA for the African region, which does not yet exist, it might be interesting to do this from the start…


I’m not familiar with IGTF, but it looks like end-user certificates (client certs) is a very big part of their concern. Let’s Encrypt doesn’t have plans to issue any of those, so I don’t think we could help them with that.

More generally, it seems like they’re working with authenticating entities based on specific offline knowledge of their identity, which is also not where Let’s Encrypt is going with our focus on complete automation of the process.

If they have a need for DV-only TLS server certificates, we’re naturally happy to give them as many as they want. :slight_smile:


Hi @schoen Thanks for the feedback.

IGFT issues personal and host certificates - thanks for clarifying the different roles that you and they have. Much obliged :smile: