Gratis But Not Free as in Freedom: How Let's Encrypt is Dying in Geminispace
Let's Encrypt is somewhat of a dying breed where the misguided CA model is shunned
In the years 2019-2022 many sites had discovered Gemini Protocol and extended their online presence to it. Many of them, out of short-term convenience or old habits, leveraged their Let's Encrypt (Linux Foundation) setup if not recycled certificate to supply their new capsule with a unique digital identifier, a set of bytes that can thwart forging by asking a third party rather than asking the capsule itself if it has changed ownership. In more recent years more capsules abandoned Let's Encrypt, perhaps correctly realising the perils associated not just with frequent expiry but also loss of control. In Lupa, which tracks those sorts of things, 5 days ago it said "(4.5 %) use the Certificate Authority Let's Encrypt" (down from almost 14%).
Then we saw it at 4.4% for a few days and mentioned that in passing. A few hours ago it said "2510 (90.6 %) capsules are self-signed, 119 (4.3 %) use the Certificate Authority Let's Encrypt, 142 (5.1 %) are signed by another CA (may be not a trusted one)."
The way things are going, maybe by next month or by autumn there will be fewer than 100 capsules that still use Let's Encrypt.
People sometimes say superficially dumb stuff like "Let's Encrypt is free", even if the reality is, one gives control to Let's Encrypt over oneself 'for free'. Being controlled by somebody else is never a freedom, even if it's free of charge. Technology ought to put the user (or device owner), not GAFAM, first. GAFAM-controlled Web browsers are the reason Let's Encrypt gained so much traction on the Web. That's just one more way for them to exercise control over the Web and over Web users. █