All of us at Netlify are proud to announce that we are now listed as a major sponsor of Let’s Encrypt.
Let’s Encrypt is a free, automated, and open Certificate Authority (CA), run for the public’s benefit. It’s the service that’s been backing Netlify’s free HTTPS on all custom domains since the start of 2016 and Let’s Encrypt is increasingly becoming a key piece in the efforts to create a more secure and private web for us all. By now, they’ve issued more than 100 million free SSL certificates.
The Road to free SSL
Back when Netlify was still a small bootstrapped company with a shoestring budget, the emergence of Let’s Encrypt allowed us to launch the world’s first completely free publishing platform where HTTPS was a one-click setup included in the price of $0, even on custom domains.
Before Let’s Encrypt, the Certificate Authority (CA) industry was somewhat similar to a racket. The key players managed to get their root certificates trusted by the major browsers, and based on that they could basically print money by charging arbitrary amounts for signing domain-validated certificates with an automated process. These fees were the amongst the main reasons that most people were unable to setup HTTPS for their domains with all the benefits that comes from this.
Let’s Encrypt changed all that by building a CA infrastructure that lets anybody who can demonstrate ownership over a domain issue signed certificates completely free of charge. They did this with a modern API infrastructure that’s a pleasure to integrate with and great tooling in place that’s made the whole process of automating certificate rotation and renewals so much better for anybody involved.
Now that Netlify has grown as a company, we decided that it was important to contribute to the immensely important ongoing work Let’s Encrypt is doing to create a more secure and privacy-respecting Web.
Unlike The Internet Security Group (the non-profit behind Let’s Encrypt), Netlify is a business, so deciding to donate part of our budget to a cause like Let’s Encrypt is a big decision. But it’s a decision that’s closely aligned with our overarching mission as a company.
Make the Web Win
The worldwide web was a transformative invention that has lead to an unprecedented period of information sharing and online opportunities. However, the existence of an open and standardized web is, unfortunately, not something to take for granted.
Proprietary mobile app stores, walled gardens like Facebook’s instant pages or initiatives like Google AMP with an agenda of moving publishing to a central gatekeeper, all threatens the free and open web built on open standards where the properties of large corporations have no inherent advantages over anyone’s personal blog.
If we want the web to stay relevant, we have to make sure that anyone is able to publish and run sites or apps with the same performance and security that users take for granted with mobile apps or when browsing proprietary platforms like Facebook or Google-hosted AMP pages.
Making the web win is core to our mission at Netlify, and we’re working hard to make sure any single developer can instantly publish their work for free with the same (or better) performance, security, agility, and scalability as the largest companies with the deepest pockets.
Apart from building our own infrastructure on open standards and advocating a JAMstack approach for a performant web that’s not tied to any single player, we’re contributing full-time work from our developers on projects like Netlify CMS, GoCommerce, and GoTrue. We’ve also contributed to lots of open source projects in our space, including Boulder, the reference implementation of Let’s Encrypt’s CA, as well as Hugo, Jekyll, Middleman, Roots, Apache Traffic Server and many others.
For us actively sponsoring Let’s Encrypt is just another step on this road.
We’re strong believers in the web and have a vision for an open democratic web built on shared standards, that is fast and secure enough out of the box to compete and win against any walled garden or proprietary technology. Let’s Encrypt and The Internet Security Group are doing great work in this space, and we’re proud to be able help them make the web better for all of us.