Independent audits of Let's Encrypt finished


#1

After there was some criticism (discussion) about the fact that LE already issues certs, but does not was audited independently, it now seems that the audit of the CA finished today.

At least such documents were already published:


Audit and Problems with Mozilla
Neuer Bereicht über LE bei Heise
#2

Ofcourse those guys from other “”“free”"" CA’s are whining about Let’s Encrypt. But I won’t shed a tear if they’ll go out of business. Yes, I’m talking about a certain CA with their ridiculous revocation costs for their free certificates and their position after HeartBleed… :angry:

Go Let’s Encrypt, go! :smiley:


#3

thanks for the heads up @rugk


#4

I add the link to these documents in the bug https://bugzilla.mozilla.org/show_bug.cgi?id=1204656


#5

I doubt they will go out of business. They may be forced to change certain policies and practices to be seen as a better option than LE. They already offer wildcard and OV/EV certs. Not free but way cheaper than many other CAs.

I suspect LE will have a net positive impact on the DV cert market. If nothing else LE offerings should drive down the cost.


#6

Interesting that there is still no official statement about this. At least one German news site is already going crazy (:wink:) , because these reports appeared so “suddenly” and it seems to be a mystery that the documents are dated to be from the 8th/9th of November.

So @LEstaff: I think a blog post might be helpful.