The Cert-IST web sites now use « Let’s Encrypt » certificates

Since the end of January 2017, we use new certificates for all our web servers (the public, private and MISP web sites). Now, visiting our public web site www.cert-ist.com will automatically uses HTTPS (the other web sites was already using this protocol). « Let’s Encrypt » is a community project started at the end of 2015 with the objective of generalizing the usage of HTTPS in order to preserve confidentiality during web browsing (following the Snowden revelations). To do this, the project offers free distribution and renewal of certificates for web servers.

Following are the main advantages of these new certificates:

• Certificates are free of charge and have a high cryptographic quality,
• They are automatically recognized as valid by web browsers (the « Let’s Encrypt » Certification Authority is recognized by default by web browsers),

Using a « Let’s Encrypt » certificate does not guarantee, however, that the web site owner is trustworthy. Actually, « Let’s Encrypt » does not support services such as Organization Validation (OV) or Extended Validation (EV) (see: OV and EV certifications for further information).

 

During the same project, we have also improved the technical configuration of our web sites, thanks to the "Mozilla Observatory" tools. This observatory performs a set of remote tests, to assign a note on the security level of a website. It also offers many tips to improve it. The Cert-IST website (www.cert-ist.com) now has the A+ grade (grades go from A to F).