Internet Security Research Group (ISRG)

Our 2024 annual report is now available! ?? Read it in full here: https://lnkd.in/gcsdrdhg This year we’ve made great strides towards creating a more secure and privacy-respecting Internet for everyone. From reaching the milestone of Let’s Encrypt serving 500 million active domains to Prossimo’s work with #Rustls, we’re proud of all we accomplished. Thank you to everyone who has been a part of making our global impact possible. ?? ?? Want to help? Consider making a donation today! https://lnkd.in/gh5gNNe

???ISRG has joined the Global Cyber Alliance! It’s just one more way we’re celebrating ten years of Encryption for Everybody. 2025 marks ten years of Let's Encrypt. Reaching that milestone has undoubtedly taken continual technical innovation—from automating renewals by developing ACME ten years ago, to making progress towards optional short-lived certs which we announced just this year. Alongside that technical innovation has been something no less important and just as remarkable: a community of people who’ve made our work possible. Collaboration is as central to what we do as automating certificates at global scale. With that spirit of collaboration and shared commitment to security and privacy at scale, we’re excited to have joined the the Global Cyber Alliance. Together along with the other 48 members of the coalition, we will continue to seek tangible results to benefit the security and privacy of everybody, everywhere. Read the full announcement from GCA here: https://lnkd.in/eJmhK_Zx

Our Let’s Encrypt CA issued our first certificate with a lifetime of six days! We issued the cert to ourselves and then immediately revoked it so we can observe its full lifecycle. Next, we'll roll out short-lived certificates to a small group of our subscribers before making them widely available by the end of the year, alongside our standard 90-day certificates. Why does this matter? Shorter certificate lifetimes improve security by reducing the risk of compromised keys. Learn more about why they are important, how to get a short-lived cert (as available), and more in our latest blog post. Thanks to Open Technology Fund for supporting this work! https://lnkd.in/gNdT7nAe

My first FOSDEM included: - Meeting thousands of Let's Encrypt users and donors—and hearing how much they value our free service. Jeroen Boersma was one and we even snapped a selfie together! - Handing out mints of questionable flavor and hoping I’m still welcome in the European developer community. ?? - Introducing folks to Prossimo and our memory safety initiatives. - Enjoying Brussels’ famous frites, waffles, and chocolates. - Realizing, after 10 months on the job, just how much I love what I do. #FOSDEM #OpenSource #Encryption4Everybody #MemorySafety

As #DataPrivacyWeek 2025 comes to a close, consider giving this podcast episode a listen! ISRG’s Sarah Gran (Saline) and Brandon Pitman got a chance to talk with Katherine Druckman about our work towards creating a more secure and privacy-respecting Internet.??? Not familiar with our Divvi Up project? Divvi Up is a privacy-respecting telemetry service for web, mobile, and machine learning applications. Our goal is to provide a service that application owners—from government and public benefit entities to private companies—can use to easily collect user population metrics while respecting user privacy. Many types of applications, from mobile and desktop apps to websites, generate metrics about their users. These metrics are valuable for application owners because they are the basis for insights into users’ behavior. Normally an application would send all of its metrics back to the app owners, either directly or through a middle-entity. Users simply have to trust that owners will respect their stated privacy and security policies. Stated policy, however, is insufficient as a privacy safeguard. Once an app owner has user data, privacy policies can be violated either intentionally or accidentally. The mere possibility of privacy violations can erode trust in applications, making users less likely to want to engage. In addition, the presence of personally identifiable information is a liability that more organizations are worrying about since it can be unintentionally leaked or stolen in a breach. Divvi Up is a service designed to resolve the tension between wanting to know information about a population of users and needing to collect information about individuals that might compromise their privacy. Learn more about Divvi Up at https://divviup.org/

FOSDEM starts tomorrow! ?? Come by our stand in Building K, level 2 to chat with us about #Encryption4Everybody and #MemorySafety. We have stickers! ?? Be sure to stick around for our Executive Director Josh Aas’s keynote on Sunday, reflecting on the last 10 years of Let’s Encrypt and what we’re working on now. Don’t miss it! Let's Encrypt Prossimo

Are you going to #FOSDEM this weekend? If so, keep an eye out for ISRG! ISRG Executive Director Josh Aas is presenting a keynote on Sunday, February 2, at 17:00 local time. He’ll talk about the evolution of Let's Encrypt over the last 10 years, and share some exciting changes coming down the pipe including short-lived and IP address certificates. It’s a talk packed with stories, lessons learned, and some heads up and guidance for the future of #TLS. Don’t miss it! You can also find our VP Sarah Gran (Saline) and Brand & Donor Development Director Shannon Robinson at our stand in Building K, Level 2. Come find us to chat about Let's Encrypt and Prossimo, and snag a sticker while you’re at it. See you there! ?? https://lnkd.in/g2M7mjsX

READY, SET, RUSTLS! ?? ISRG has been investing heavily in the #Rustls TLS library over the past few years. Our goal has been to build a library that is both #MemorySafe and a leader in performance, with the aim of replacing less safe alternatives such as OpenSSL. The progress we have made in 2024 has brought us much closer to achieving that goal, with the next steps being widespread adoption. Progress we’ve made this year: ?? Benchmarking ?? Cryptographic Flexibility ?? Post-Quantum Key Exchange ?? OpenSSL Compatibility ?? NGINX Integration ?? Memory Efficiency ?? Encrypted Client Hello (ECH) Read all about it in our annual report: https://lnkd.in/ghPT6zZX

It’s time to adopt ARI! ?? ACME Renewal Information (ARI) enables seamless, automated renewals, allowing Let’s Encrypt to signal to ACME clients when a certificate needs to be renewed—both under normal circumstances and in urgent cases where revocation is necessary. This innovation ensures that service disruptions due to unexpected revocation events are minimized, improving both security and reliability across the Web. Read all about it in our annual report: https://lnkd.in/gBd3RJMK

As 2024 draws to a close, we’re happy to share a message from ISRG Executive Director Josh Aas, reflecting on all the progress we’ve made this year. ????Let’s Encrypt continues to thrive, securing over 500 million domains globally. ????Prossimo has helped drive critical advancements in memory safety, from TLS and DNS to the Linux kernel. ????Through Divvi Up, we’re striving to make privacy-preserving telemetry mainstream, moving towards a future where privacy is a default. Looking ahead, next year marks 10 years of Let’s Encrypt! ?? Our longstanding offering of free, automated, 90-day certs will continue, and we’re also introducing a game-changing option: short lived, 6–day certs starting in 2025. These are ????????????????, but they represent a big leap forward for security by minimizing exposure during key compromise events. None of this would be possible without the extraordinary support of our staff, community, funders, and partners. Your contributions fuel our mission to create a more secure and privacy-respecting Internet. Read the full letter: https://lnkd.in/gh__cP-4 This letter was originally published in our 2024 annual report, available here: https://lnkd.in/gQJ_Huxg #Encryption4Everybody #MemorySafety #DataPrivacy #NonprofitTech