Encrypting the Web - Lessons Learned at Let's Encrypt presented at saintcon 2016

by Daniel Jeffery,

Summary : Let's Encrypt has been a success for the open source community and for privacy in today's world. Now the largest single certificate authority on planet earth in terms of certificates issued, it's time to review some of the lessons learned.
Running a certificate authority today has a variety of challenges and setting up the infrastructure for a multi-DC operation from 0 to public with a goal of openness and a small team has required dedication and flexibility.
This will cover:
* Security decisions and concerns for an open source PKI including network design, hardware security modules, change control, tamper bags and lots of logs.
* DevOps in a lean high availability startup.