encrypt-2

The Electronic Frontier Foundation has teamed up with Akamai, Cisco, Identrust, Mozilla and a team at the University of Michigan to create Let’s Encrypt, a new initiative designed to encourage encryption across the web by providing free security certificates and software that will easily configure them on a web server.

As concerns over government spying continue to mount, one of the key defensive tools website owners have at their disposal is TLS encryption using HTTPS. By using a special security certificate, encryption can prevent attackers from reading traffic as it travels over the web, since it’s only readable by someone who holds the certificate.

eff-logo-plain-300Plenty of tech companies are trying to do their part to better secure the Web – Google recently announced that its search results will begin favoring HTTPS-enabled sites, and other companies have doubled down on encryption in other ways. But setting up encryption can be a pain.

One of the biggest hurdles to deploying encryption on a web server is how difficult it is to successfully set up a certificate. The EFF said that its testing revealed it could take even experienced sysadmins upwards of an hour to get a certificate up and running, while inexperienced operators could spend many times that trying to get everything set.

To get around that, Let’s Encrypt is powered by software that allows web administrators to type a few commands and get a certificate set up for free. Here’s a video that shows it in action:

The pricing on a Let’s Encrypt certificate is as important as the technical wizardry behind it. Depending on what people are looking for, certificates can cost hundreds of dollars, and often expire after a set term. In some ways, that’s a security feature – changing up a certificate will prevent an attacker who got a hold of the old one from doing further snooping – but it also adds more costs a small business owner may not be willing to pay.

Of course, offering free certificates is only one piece of the puzzle. As our own tests showed, third-party content can make it difficult for sites to go all-in on encryption. This push could help encourage more sites to encrypt their content, though, making any transition easier going forward.

People who are looking forward to getting a free certificate still have a little while to wait: the service is slated to launch next summer.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.