Security News > 2021 > September > Serious Security: Let’s Encrypt gets ready to go it alone (in a good way!)
HTTPS, short for secure HTTP, relies on the encryption protocol known as TLS, which is short for transport layer security.
Many high-traffic sites were afraid of HTTPS because of the extra time taken by the "Cryptographic dance" demanded by the protocol every time a visitor arrived at the site, and because of the need to encrypt and decrypt every byte sent and received thereafter.
If high-traffic, big-name sites could get away with using HTTPS only some of the time, it was unsurprising that many other sites followed suit, or didn't bother with HTTPS at all.
Started back in 2014, a non-profit organisation called Let's Encrypt set out to change the HTTPS landscape not only by acting as a CA that offered TLS certificates for free, but also by automating and therefore greatly simplifying the process of acquiring and renewing them.
Well done to Let's Encrypt for sticking to its plan of making HTTPS easy and cheap to add even to the tiniest website, and thanks to IdenTrust for vouching for Let's Encrypt back in the early days.
Lastly, to those who still claim that HTTPS is an unnecessary evil that plays into the hands of cybercriminals because they, too, can now easily get HTTPS certificates if they want, don't forget that crooks who wanted to use HTTPS were perfectly able to do so long before Let's Encrypt came onto the scene.