Standing on Our Own Two Feet – Let’s Encrypt

[Update] Let’s Encrypt Extends Support for Android 7 or Older Devices for Three Years

Let’s Encrypt announced its partnership with IdenTrust will come to an end by September 1, 2021. Except for its own root certificate, Let’s Encrypt has been using a cross-signed certificate from IdenTrust. The decision to part ways is dubbed as the company is standing on its own two feet.

Five years ago, when Let’s Encrypt launched, that’s exactly what we did. We got a cross-signature from IdenTrust. Their “DST Root X3” had been around for a long time, and all the major software platforms trusted it already: Windows, Firefox, macOS, Android, iOS, and a variety of Linux distributions. That cross-signature allowed us to start issuing certificates right away, and have them be useful to a lot of people. Without IdenTrust, Let’s Encrypt may have never happened and we are grateful to them for their partnership. Meanwhile, we issued our own root certificate (“ISRG Root X1”) and applied for it to be trusted by the major software platforms.

via Let’s Encrypt

However by the time the changes come into force next September 2021, the transition would cause compatibility issues with the devices that are running Android 7.1.1 or older version. It means the older versions of Android will no longer trust Let’s Encrypt root certificate called ISRG Root X1.

Let’s Encrypt therefore recommends affected users to install Firefox Mobile, which currently supports Android 5.0 and above.

Statistics for users of Android 7.1.1 and below

🇳🇱 Netherlands ~ 12%

🇺🇸 United States ~ 8%

🇹🇭 Thailand ~ 18%

Source: https://deviceatlas.com/blog/mobile-os-versions-by-country#th

If you are a site owner under our hosting service

You may contact us directly for alternative certificate chains or for any questions about your SSL certificate.

If you are not sure if you are using Let’s Encrypt SSL, or if you are worried that (a part of) your potential visitors are affected by this Let’s Encrypt update, contact us directly. The best solution, depends on your use case, but it’s likely a paid SSL certificate, as they are around longer and well trusted.

Cookie Script

By Rutger | October 6, 2021

TL;DR we found the best Cookie compliance script. Cookie script makes it easier to comply with the European AVG/GDPR law, which has been in force since May 25, 2018. What is the GDPR? The GDPR is a European privacy regulation. It ensures the careful processing of personal data by businesses and organisations. For instance, you…

Access control per account

By Rutger | October 5, 2021

For many years our resellers can control their customers’ access to specific functionality of the control panel. But it was on or off. No granular control. Let’s say that DNS management is hard to understand for your customers, then you usually switch this off. Same goes for ordering. Perhaps some of your customers order a…

How to Optimize Site Performance for Core Web Vitals

By Rutger | June 8, 2021

There are many factors that affect website rankings, one of which is, site performance. How does your site perform in terms of speed and accessibility? Just this month  Google established a new user experience metric called Core Web Vitals. Core Web Vitals aims to put the most optimized website in terms of performance on top of…

Firefox’s new Site Isolation Security Architecture

By Rutger | May 28, 2021

Online there are plenty of untrustworthy websites that could overpass the initial security in your primary browser. Which is why Firefox developed a new Site Isolation Security. With the main purpose of preventing malicious websites from accessing or stealing information from your accounts on other websites.  The process of site Isolation security is separating web…

WordPress Proposes Blocking Google’s FLoC

By Rutger | April 25, 2021

In the recent announcement from WordPress, they state that they are treating Google’s new FLoC tracking technology as a security concern and may block it by default on WordPress sites. Google’s Federated Learning of Cohorts (FLoC) received a lot of criticism concerning privacy. “FLoC is meant to be a new way to make your browser…

Am I FLoCed? A New Site to Test Google’s Invasive Experiment

By Rutger | April 5, 2021

 Am I FLoCed is one of an effort to uncover the invasive practices of the adtech industry—Google included. It is a new site where you can check if you are being subjected to the latest advertising experiment, FLoC. What is FloC? Federated Learning of Cohorts or FLoC is Google’s new advertising technology intended to replace…

DuckDuckGo Browser and Extension

By Rutger | February 25, 2021

DuckDuckGo describes itself as “the search engine that doesn’t track you.” Although DDG is better known for its privacy-focused search engine, the company has expanded into making its own Privacy Browser app for Android and IOS. The DDG Privacy Browser has the speed you need, the browsing features you expect (like tabs & bookmarks), and…

The Search Engine That Doesn’t Track You

By Rutger | February 11, 2021

THERE’S A NEW battleground in the browser wars: user privacy. Just recently, we published an article about Brave browser and how effective its tracker blocking technologies. So here’s another talk of the town privacy-focused search engine that will help you enjoy the internet without having to worry about leaving a digital footprint.  What is DuckDuckGo?…

Mozilla Firefox 85.00 is Here!

By Rutger | January 30, 2021

The popular open-source web browser Mozilla Firefox finally released version 85.00. With significant updates including the much-awaited major privacy enhancement called network partitioning. Check out the major improvements and what’s been added and changed for the latest Firefox 85.00. What’s new? The Adobe’s popular software Flash Player is no longer supported by Firefox 85. “There is…

Update: Let’s Encrypt Extends Support for Android 7 or Older Devices for Three Years

By Rutger | January 13, 2021

Back in November, Let’s Encrypt an open certificate authority announced an end to its partnership with Identrust and to “Standing on Our Own Two Feet – Let’s Encrypt”. The supposed part ways will cause compatibility issues with Android 7.1.1 or older to not be able to access HTTPS websites.  In its new announcement, Let’s Encrypt has…