[perpass] Paper on Let's Encrypt adoption

"Giovane C. M. Moura" <giovane.moura@sidn.nl> Thu, 15 December 2016 07:22 UTC

Return-Path: <giovane.moura@sidn.nl>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91FC5129863 for <perpass@ietfa.amsl.com>; Wed, 14 Dec 2016 23:22:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.197
X-Spam-Level:
X-Spam-Status: No, score=-7.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.896, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sidn.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vtdUHNn8_IAw for <perpass@ietfa.amsl.com>; Wed, 14 Dec 2016 23:22:51 -0800 (PST)
Received: from arn2-kamx.sidn.nl (kamx.sidn.nl [IPv6:2a00:d78:0:147:94:198:152:69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF463129430 for <perpass@ietf.org>; Wed, 14 Dec 2016 23:22:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=sidn.nl; s=sidn-nl; c=relaxed/relaxed; h=to:from:subject:message-id:date:user-agent:mime-version:content-type:content-transfer-encoding:x-originating-ip:x-clientproxiedby; bh=ptntoLBsGKExnkXTNIywe9rS9Og+NaV5lfnxhmcp4oI=; b=QCF1M/kYK7YtHmyiXujxq/q15Q61lUTbcMbKIBkPPoezVNysd0hFvaC96/COmKZnka7xShgYInYJR5rKu+gsTrtCpbkHbj+FxTOBM7wp3XOIght+jq6Fc76R3T+PevvxGnNB508PtVAzfHSq9v6Jbz2sVAm3n74WxQzEBXN8HR3bx3b8p70xJdNjVJrg4A5xjB3zKqxIx5534nvvT6I+I0nqA9u39R2yZtJrmXuCCIwuyHNCDRZryrrV6QjMsgVe/QfNWGQylWl5QQi7EB1PkT92TPerguqt0ldQplvLmO8ibISUopJKRJANoOidKvCGUplOxbvZ10RXj2VwZ5Ag6w==
Received: from ka-mbx02.SIDN.local ([192.168.2.178]) by arn2-kamx.sidn.nl with ESMTP id uBF7MmFT023033-uBF7MmFV023033 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=CAFAIL) for <perpass@ietf.org>; Thu, 15 Dec 2016 08:22:48 +0100
Received: from [94.198.159.134] (94.198.159.134) by ka-mbx02.SIDN.local (192.168.2.178) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Thu, 15 Dec 2016 08:22:46 +0100
To: <perpass@ietf.org>
From: "Giovane C. M. Moura" <giovane.moura@sidn.nl>
Message-ID: <e104ac92-8b23-90c3-aa6f-ed2cc6730538@sidn.nl>
Date: Thu, 15 Dec 2016 08:22:40 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.5.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [94.198.159.134]
X-ClientProxiedBy: ka-hubcasn02.SIDN.local (192.168.2.172) To ka-mbx02.SIDN.local (192.168.2.178)
X-FEAS-SPF: 2 / 2, ip=94.198.159.134, helo=, mailFrom=giovane.moura@sidn.nl, headerFrom=giovane.moura@sidn.nl
Authentication-Results: arn2-kamx.sidn.nl; spf=pass (sidn.nl: domain of giovane.moura@sidn.nl designates 94.198.159.134 as permitted sender) smtp.mailfrom=giovane.moura@sidn.nl
Archived-At: <https://mailarchive.ietf.org/arch/msg/perpass/Ft0SH1Q6lMX7FUU6h5mH6sWd6GY>
Subject: [perpass] Paper on Let's Encrypt adoption
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Dec 2016 07:22:53 -0000

Hello folks,

We have this new paper that some of the list may find interesting. It's
about the adoption of Let's Encrypt[1]:

>From the paper [2]:

"Once [costs and complexity] are eliminated, it enables big hosting
providers to issue and deploy certificates for their customers in bulk,
thus quickly and automatically enable encryption across a large number
of domains. For example, we have shown that currently, 47% of LE
certified domains are hosted at three large hosting companies
(Automattic/wordpress.com, Shopify, and OVH)."

More discussion in [3][4].

Best,

/giovane


[1] https://letsencrypt.org
[2] https://arxiv.org/pdf/1612.03005.pdf
[3] https://www.schneier.com/blog/archives/2016/12/lets_encrypt_is.html
[4]
https://www.reddit.com/r/letsencrypt/comments/5hvt2v/lets_encrypt_filling_a_void_in_ca_industry/