|
|
|
|
|
|
by pfg
3851 days ago
|
|
|
I would imagine most of the money goes towards: - Development of the official client[1] and boulder[2], the CA server software behind Let's Encrypt. Both are relatively big projects with lots of things to add/improve on. - Hosting CA servers in two separate data centers. HSMs for key storage are usually rather expensive as well. CRLs and OCSP are quite bandwidth-intensive[3], that's probably where Akamai's sponsorship comes in. Ops teams have to be available 24/7 in case of outages. - I'd guess the auditing costs are quite substantial as well. I'm not sure what's necessary to get added to the various root programs out there (Microsoft, Mozilla etc.), but I doubt it's free (unless that's part of some sponsorship). (I'm not affiliated with Let's Encrypt, just my perspective) [1]: https://github.com/letsencrypt/letsencrypt
[2]: https://github.com/letsencrypt/boulder
[3]: https://blog.cloudflare.com/the-hard-costs-of-heartbleed/ |
|
|