I’ve been boring the bejesus out of many of my friends and family lately with posts here extolling the virtues of always-secured TLS connections. Previous posts have described how this blog went 100% TLS and then instructed all browsers to always and only accept secured connections via HSTS.
In short, it’s been some time since you can only visit this site via an authenticated and secured connection between your device and my webserver. It’s not that I think the NSA cares what I am writing about — being private isn’t the point of a blog (especially this one). Instead the idea is entire web should be secured so that only the two ends of the conversation can see what’s going on. IOW, nobody should be able to snoop on what you are reading or saying.
TLS, or SSL as it used to be known, is both authentication (this website really is yobyot.com) and encryption (nobody between you and me can intercept and decrypt the traffic). Without TLS, anyone — your ISP, the government, that hot chick at the far table at Starbucks — can see what you read, what you search for and what you have been doing.
But the goal of 100% secured, authenticated web browsing has been hard to achieve because it’s been very, very geeky. It’s been real work (as well as a real joy) learning about certificates, Apache server configuration and all the other stuff I needed to learn to secure yobyot.com.
Now, that’s about to change. Let’s Encrypt, which has just gone into public beta, is a simple way for even the most newbie website owners to quickly and easily get a valid certificate from Let’s Encrypt and install it on their sites. This is the beginning of the totally-secured ‘Net. And it’s long overdue.
Let’s Encrypt as a system still has a long way to go before it gets out of beta. I’ve had trouble getting it to work on AWS Linux. (This blog runs on Ubuntu on Azure which installed almost perfectly.) But make no mistke, Let’s Encrypt is going to fundamentally change the Internet — for the better for all of us. And, it’s a breeze to install Let’s Encrypt on Ubuntu for a WordPress blog.
If you have a website — any website — do what I did. With apologies to Elton John, spend a Saturday night installing Let’s Encrypt. It’s the absolute coolest way to “Get a little action in”.