Hacker News new | ask | show | jobs
by johnnyapol 1804 days ago
I don't know Google's motivation but frankly I welcome TLS everywhere on the public-facing web now that certs are free thanks to LetsEncrypt.

For me, it comes down to two things:

1. Privacy. When I'm on non-private networks, its nice to have assurance that other people aren't able to get the specific contents of what I'm viewing.

2. ISP bad behavior. A number of ISPs have been doing things like injecting ads or other trackers into plain-HTTP sites. https://www.infoworld.com/article/2925839/code-injection-new...
1 comments
inshadows 1804 days ago
Hopefully, LetsEncrypt is and will always be incorruptible organization. There was never a case of a community project being taken over by greedy capitalists. Oh wait...
link
johnnyapol 1804 days ago
I personally have put a lot of faith in them but there's also a lot of alternatives in case they were to flop or become corrupted:

1.https://zerossl.com/letsencrypt-alternative/

2. Cloudflare will issue you free TLS certs (assuming you're okay with them doing TLS termination). I assume other CDNs / caching proxies with free plans will also do this.

3. https://www.buypass.com/ssl/products/acme

4. https://www.sslforfree.com/

I'm sure there's more, but that's just what I could quickly find.

link
remram 1803 days ago
There are a lot of safeguards like certificate transparency logs. They would be caught.
link