Jacob Hoffman-Andrews, Senior Staff Technologist at the EFF and the lead developer of Let’s Encrypt, joined the show to talk about the history of SSL, the start of Let’s Encrypt, why it’s important to encrypt the web and what happens if we don’t, Certbot, and the impact Let’s Encrypt has had on securing the web.
Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!
Sponsors:
- Linode – Our cloud server of choice! Get one of the fastest, most efficient SSD cloud servers for only $5/mo. Use the code
changelog2017
to get 4 months free! - Toptal – Scale your team and hire from the top 3% of developers and designers with Toptal. Email
adam@changelog.com
for a personal introduction. - Rollbar – Put errors in their place!
npm install --save rollbar
for error tracking in your Node.js apps.
Featuring:
- Jacob Hoffman-Andrews – Website, GitHub, X
- Adam Stacoviak – Website, GitHub, LinkedIn, Mastodon, X
- Jerod Santo – GitHub, LinkedIn, Mastodon, X
Show Notes:
- Jacob Hoffman-Andrews on EFF.org
- Search Changelog.com for “http/2” and “http2”
- The Changelog #161: The HTTP/2 Spec with Ilya Grigorik
- Boulder: An ACME-based CA (written in Go)
- Automatic Certificate Management Environment (ACME)
- Certbot (previously the Let’s Encrypt Client) - EFF’s tool to obtain certs from Let’s Encrypt, and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
- Certbot’s Interactive Guide is rad
- The Crypto Wars: Governments Working to Undermine Encryption
- Root certificate trust store
- Online Certificate Status Protocol
- Jacob talked about using
.wellknown
in the root of projects - Go Time #14: CaddyServer, the ACME Protocol, and TLS with Matt Holt
- [Wired] Google’s Chrome Hackers Are About to Upend Your Idea of Web Security
- Let’s Encrypt Stats
- Donate to Let’s Encrypt and/or Sponsor Let’s Encrypt
- Wanna pitch in? Check for “help wanted” tags on their repos…
- What It Costs to Run Let’s Encrypt
BONUS - From Jacob Hoffman-Andrews ~> How Not To Get Phished
Something missing or broken? PRs welcome!