https://letsencrypt.org/Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
https://en.wikipedia.org/wiki/Internet_Security_Research_GroupThe Internet Security Research Group (ISRG) is a California public-benefit corporation which focuses on Internet security. [2][3]
Let's Encrypt—its first major initiative—aims to make Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates available for free in an automated fashion.
Josh Aas serves as the group's executive director and board chair.[4][1] The board also contains individuals from Akamai, Cisco, University of Michigan, Mozilla, ACLU, CoreOS, and the Electronic Frontier Foundation.[1]
The current system of Certificate Authorities where nation states and anyone who wants to pay for it, can have their own CA and issue certificates that are accepted by browsers, allowing MiTM attacks is broken.
Until something better is available we have to choose what to use.
1. HTTP with passwords in plain text
2. HTTPS with passwords and other data encrypted.
[url]
https://letsencrypt.org/2017/12/07/look ... -2018.html[/url]
Let’s Encrypt had a great year in 2017. We more than doubled the number of active (unexpired) certificates we service to 46 million, we just about tripled the number of unique domains we service to 61 million, and we did it all while maintaining a stellar security and compliance track record. Most importantly though, the Web went from 46% encrypted page loads to 67% according to statistics from Mozilla - a gain of 21 percentage points in a single year - incredible. We’re proud to have contributed to that, and we’d like to thank all of the other people and organizations who also worked hard to create a more secure and privacy-respecting Web.
While we’re proud of what we accomplished in 2017, we are spending most of the final quarter of the year looking forward rather than back. As we wrap up our own planning process for 2018, I’d like to share some of our plans with you, including both the things we’re excited about and the challenges we’ll face. We’ll cover service growth, new features, infrastructure, and finances.
Many other CAs are also U.S. based. Does that bother you when you connect to Amazon, Apple, Google, or any other of the most commonly used websites?
I can't see how being U.S. based means the Let's Encrypt certificates are less trustworthy than any other CA. Why pay any of the big companies when Let's Encrypt is doing so much to promote and support a safer Internet?