Encrypting the web is a more important challenge than ever. Now, EFF has teamed up with Sandwich Video and Baratunde Thurston to explain and promote this mission via video. Sandwich is the production company behind some of the best product launch videos in tech, and you may know Baratunde from his work on The Daily Show, The Onion, and New York Times bestseller How To Be Black. We brought these creative forces together to show you why we need to continue moving from non-secure HTTP to more secure HTTPS, and how you, with EFF tech tools HTTPS Everywhere and Certbot, can help us get there.
Share the video with friends and colleagues as another way to show what HTTPS Everywhere and Certbot can do for them, and learn more about our encrypt the web initiative.
Some websites offer inconsistent support for HTTPS, use unencrypted HTTP as a default, or link from secure HTTPS pages to unencrypted HTTP pages. HTTPS Everywhere is a browser extension for users that fixes these problems by rewriting requests to these sites to HTTPS wherever possible, automatically activating encryption and HTTPS protection that might otherwise slip through the cracks.
Our long-term goal, however, is to make a tool like HTTPS Everywhere unnecessary. This vision of a 100% encrypted web requires web site owners to enable HTTPS and encrypt their websites. Certbot allows domain owners and website administrators to make their own sites secure for free. Using a series of easy-to-follow interactive instructions, Certbot can automatically fetch custom certificates for your domain. Certbot can also automatically configure your webserver to support encrypted traffic and even be set to renew that certificate whenever it’s close to expiring so that you never have to worry about it again.
Certbot is a client for the Let’s Encrypt certificate authority (CA), which is operated by the Internet Security Research Group. CAs play a central identification and verification role in the web encryption ecosystem—and Let’s Encrypt is one of the world’s largest, having issued over 20 million active certificates. Hosting providers can user Let’s Encrypt to offer HTTPS by default to their customers, joining the movement toward free, automatic HTTPS as the default standard.
These tools work together to make a safer, more secure web for everyone, and they are free to use, download, and share. The mission to encrypt the web can only advance when users, website owners, and hosting providers work together, too. Share the video, spread the word, and take action to help us get closer to the mission of encrypting the web.