Published 2025-12-03
My friend Christophe Brocas has just published a retrospective on the ten years since we unveiled the ACME protocol to the world. He interviewed me and some colleagues for the piece, and I recommend it! [read more]
Published 2017-07-10
We're changing the methodology used to calculate the Let's Encrypt Statistics page, primarily to better cope with the growth of Let's Encrypt. Over the past several months it's become clear that the existing methodology is less accurate than we had e… [read more]
Published 2017-05-16
I've been supplying the statistics for Let's Encrypt since they've launched. In Q4 of 2016 their volume of certificates exceeded the ability of my database server to cope, and I moved it to an Amazon RDS instance.… [read more]
Published 2016-12-19
The Phoenix DevOps Meetup has asked me to do a walk-through of how to encrypt a website using Let's Encrypt for their February meetup. I don't believe this talk will be recorded, but for any locals who want to discuss PKI, I'll be available after. [read more]
Published 2016-09-30
Yesterday Let's Encrypt reached a new milestone: the unique set of all fully-qualified domain names in the currently-unexpired certificates issued by Let's Encrypt is now 10,022,446.… [read more]
Published 2016-07-05
Today at the RMLL conference's security track I'm talking about some of the challenges, decisions, and trade-offs that occurred while launching Let's Encrypt, in a talk I've called Let’s Encrypt: The Road To Encrypting All The Things. [read more]
Published 2016-04-05
This is a quick status update from the Early Impacts of Let's Encrypt post.… [read more]
Published 2016-02-19
During the months I worked in Let's Encrypt's operations team I got fairly used to being the go-to man for any question that a database query could solve.… [read more]
Published 2016-01-21
Gathering data from Certificate Transparency logs, here's a snapshot in time of Let's Encrypt's certificate issuance rate per minute from 15-21 January 2016 [read more]
Published 2016-01-15
All the first Let's Encrypt certs for my websites from the LE private beta began expiring last week, so it was time to work through the renewal tooling [read more]
Published 2015-10-20
A bigger blog post will have to wait, but just as a brief note: Let's Encrypt is now publicly trusted. In fact, this blog is using a certificate from Let's Encrypt. And so is usr.bin.coffee, of course. [read more]
Published 2015-10-08
One of the advantages to being part of the Let's Encrypt team is early access to the closed beta. As such, I've been able to issue a handful of certificates from the service. For example: usr.bin.coffee. There's a lot of other upsides as well, such a… [read more]
Published 2015-04-10
GatorLUG has invited me to talk about Let's Encrypt at their April 2015 meeting. I'm honored to be playing a role in the architecture and implementation of Let's Encrypt; here are the slides I'll be presenting. [read more]
On a mission to solve communications security issues for the whole Internet. That, and drink coffee.
This work is licensed under a Creative Commons Attribution 4.0 International License.