
Launching Our Crowdfunding Campaign - r1ch
https://letsencrypt.org/2016/11/01/launching-our-crowdfunding-campaign.html
======
apeace
This is a no-brainer for any LetsEncrypt user:

  - Take the amount you paid for certificates last year
  - Divide by any number, let's say 10
  - Donate that amount to LetsEncrypt, and continue to get free certificates all year!

I agree with some commenters that it would be great to see LetsEncrypt bolster
their revenue with reasonably-priced offerings such as wildcards and EVs. But
you can't argue with the progress they've made so far. If there is enough
community demand, I'm sure they'll get there.

Though their stats page[0] appears to be broken, last I heard they had
surpassed 5 million certificates. To meet their current funding goal of $200k
for a month, that equates to $0.04 per certificate per month, or $0.48 per
certificate per year!

EDIT: Their stats page is back. Looks like they have reached 10 million
certificates. So halve the above numbers!

[0] [https://letsencrypt.org/stats/](https://letsencrypt.org/stats/)

~~~
jaas
Thanks for your support!

I'd also like to point out that even if you never get a certificate from us
yourself we're still helping to protect you when you browse any of the
millions of sites we help to secure.

~~~
dalanmiller
How much money does LetsEncrypt receive from monthly reoccurring donations?

------
tyingq
Hmm. I'm skeptical that this approach is sustainable to cover the same $200k
every month.

Is this truly needed to cover operations? In other words, when this falls
short, are they in danger of going insolvent at some point?

I'd much rather they go some different path to cover the shortfall. Perhaps
reasonably priced wildcard and/or EV certs, while leaving regular certs at the
"free" price level?

~~~
ygjb-dupe
>Perhaps reasonably priced wildcard and/or EV certs, while leaving regular
certs at the "free" price level?

IDK, wildcard certs encourage really bad practices, and I don't see the LE
team liking the idea of issuing them.

EV certs means a significant increase in costs to actually go through the
processes required (audits, etc) so that browsers will accept them, and then
the increased costs of doing due diligence when issuing certs. Unless they
want to grow in that direction, it seems like a poor business choice.

Yes, it means they run the risk of going insolvent; despite the fanfare, and
the pace at which they have moved themselves into a critical niche on the web,
they are still an open source project, and are supported by sponsorships and
donations.

I expect that there are some significant players that would invest to keep
them around, but it can be hard to continue making an impact when you
subsist off of crumbs.

Anyone whose career depends on FOSS should at least read
[https://files.puzzling.org/wayback/pay-for-foss/](https://files.puzzling.org/wayback/pay-for-foss/)

~~~
nrook
Could you elaborate on why wildcard certs are a bad idea? I've heard this from
several sources, but I haven't read a breakdown of why people think this.

If I'm running a web application, and want to provide an interface where
separate teams sign up and access their version of the app at team-name.your-
app.com, what's the alternative? Or is it that this is considered unwise, and
I should just put team-name in the URL path instead?

~~~
zeta0134
The primary issue with wildcard certificates is that it encourages certificate
reuse between server environments. Even the act of transferring keys around
carries a certain degree of risk. With a wildcard certificate though, say you
have a very secure shopping site, and a user-run forum:

  - https://checkout.example.com/
  - https://forums.example.com/

Your wildcard certificate for *.example.com covers both domains, and can be
shared between both servers. Nice! You've saved a bundle of money on
certificates. But there's now a security risk: Say an attacker manages to
compromise forums.example.com through some vulnerability in the forum
software, and steals the private key for *.example.com. They can now set up
their own server hosting checkout.example.com, successfully execute a Man in
the Middle attack, and steal sensitive customer data without the end user
being any the wiser.

Issuing separate certificates prevents this scenario by enforcing a separation
of responsibilities. If each server has its own set of keys, then a security
compromise on forums.example.com does not spill over to checkout.example.com,
because the key used on one server is useless to impersonate the other.
Obviously a key compromise at _all_ is a bad situation, but you want to
architect your environment so that a compromise has the least potential to
do damage, and that's the basic argument against wildcard certificates.

~~~
sk5t
Good writeup. In addition, using discrete certificates makes managing them
easier, whether for renewal, squashing SHA-1 and the like, or revocation. It
can be a big headache to track down all the places a wildcard cert worms its
way into at large, penny-pinching orgs.
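
An added example (not code from this thread, and not Let's Encrypt's own software) that makes both points above concrete: the blast radius zeta0134 describes, and the inventory problem sk5t describes. It implements the hostname-matching rule browsers apply to a certificate's subject alternative names (a wildcard only as the entire left-most label, matching exactly one label), then walks a constructed fleet inventory to answer "if the key on this server is stolen, which hosts can the attacker impersonate?" and "which servers hold a copy of each key?". Hostnames, the `key-A`/`key-B` fingerprints and the fleet itself are placeholders standing in for real SHA-256 key fingerprints and a real inventory.

```python
"""Blast-radius check for shared (wildcard) TLS keys.

Added illustration for the wildcard-certificate discussion; the fleet
inventory below is constructed, and "key-A" etc. are placeholder strings
standing in for SHA-256 fingerprints of the leaf certificates' public keys.
"""
from typing import Dict, List, Set


def hostname_matches(pattern: str, hostname: str) -> bool:
    """Match one SAN dNSName against a hostname the way modern TLS clients do
    (RFC 6125 section 6.4.3, with the stricter rules browsers enforce):
      - comparison is case-insensitive and ignores a trailing dot;
      - a wildcard is only accepted as the entire left-most label;
      - '*' stands for exactly one label, so *.example.com covers
        checkout.example.com but not example.com or a.b.example.com;
      - two-label patterns such as *.com are refused.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or any("*" in label for label in p_labels[1:]):
        return False          # partial ("c*.") or non-leftmost wildcards rejected
    if len(p_labels) < 3:
        return False          # refuse "*.com"-style patterns
    if len(h_labels) != len(p_labels) or not h_labels[0]:
        return False          # '*' matches exactly one non-empty label
    return p_labels[1:] == h_labels[1:]


# Constructed inventory: each server, the key it holds, and the SANs on the
# certificate it serves. First variant: one wildcard cert copied everywhere.
WILDCARD_FLEET: List[Dict] = [
    {"host": "checkout.example.com", "key": "key-A", "sans": ["*.example.com"]},
    {"host": "forums.example.com",   "key": "key-A", "sans": ["*.example.com"]},
    {"host": "status.example.com",   "key": "key-B", "sans": ["status.example.com"]},
]

# Second variant: a discrete key and certificate per host.
DISCRETE_FLEET: List[Dict] = [
    {"host": "checkout.example.com", "key": "key-C", "sans": ["checkout.example.com"]},
    {"host": "forums.example.com",   "key": "key-D", "sans": ["forums.example.com"]},
    {"host": "status.example.com",   "key": "key-B", "sans": ["status.example.com"]},
]


def hosts_by_key(fleet: List[Dict]) -> Dict[str, Set[str]]:
    """Inventory: every server that holds a copy of each private key.
    This is the list you need when a key must be rotated or revoked."""
    out: Dict[str, Set[str]] = {}
    for entry in fleet:
        out.setdefault(entry["key"], set()).add(entry["host"])
    return out


def impersonable_hosts(fleet: List[Dict], compromised_host: str) -> Set[str]:
    """Hostnames in the fleet an attacker could impersonate with the private
    key stolen from `compromised_host`: every host that any SAN on any
    certificate bound to that key matches, including hosts that never
    deployed the wildcard themselves."""
    stolen_keys = {e["key"] for e in fleet if e["host"] == compromised_host}
    if not stolen_keys:
        raise KeyError(f"{compromised_host} is not in the inventory")
    sans = [san for e in fleet if e["key"] in stolen_keys for san in e["sans"]]
    return {e["host"] for e in fleet
            if any(hostname_matches(san, e["host"]) for san in sans)}


if __name__ == "__main__":
    for name, fleet in (("wildcard", WILDCARD_FLEET), ("discrete", DISCRETE_FLEET)):
        hit = impersonable_hosts(fleet, "forums.example.com")
        print(f"{name}: forums key stolen -> can impersonate {sorted(hit)}")
        print(f"{name}: key inventory -> {hosts_by_key(fleet)}")
```

Run it and the wildcard variant reports that a key stolen from the forum server impersonates checkout.example.com and status.example.com as well, while the discrete variant confines the damage to forums.example.com; `hosts_by_key` is the rotation checklist sk5t is talking about.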

------
tempcryptuser
I've been working on a rollout of LE for our platform that I'm honestly now
thinking about pausing -- a crowdfunding campaign is the opposite of
confidence-inspiring in terms of longevity.

Any chance LE can make some official statement regarding their operating
budget/burn? My strong preference would be to use them but I can't recommend
transitioning to someone trying to make up single months of Opex by begging
for donations.

~~~
jaas
Diversifying income is something every responsible non-profit should be doing,
and that's what this is. If I were you I'd be more worried if we didn't do
something like this.

The bulk of our support comes from corporate sponsorship, another component is
grants, and the third is individual donations. Individual donations are likely
always going to be our smallest source of revenue but it's still an important
source to develop.

We'll be around. Go ahead with your rollout, I hope it goes smoothly and that
it inspires you to contribute back what you can.

~~~
magila
Although it's not really intended for this sort of thing, I wonder if you
could shoehorn Let's Encrypt into Patreon. If you're just trying to diversify
your revenue it seems like Patreon would provide a more predictable cashflow
than doing periodic crowdfunding campaigns.

~~~
seeekr
They could just offer a simple subscription (yearly or monthly) with user-
chosen price tag, aka recurring donation. Call it "individual sponsorship",
make a pretty login window and a little dashboard once logged in, that's it.
Like if we had to pay for a subscription to use LE, except we don't need to.

------
john111
For everyone shocked at the $200k/mo, there is a lot of previous discussion
here [1].

Their staff cost about $200k/person, and their total budget for 2017 is 2.9M!

[1] [https://news.ycombinator.com/item?id=12541383](https://news.ycombinator.com/item?id=12541383)

------
0xmohit
It is disappointing that such campaigns are required despite the tremendous
value being created.

Any useful service costs money to build and keep running. Perhaps easier
renewals have led us to forget that efforts to make the internet more secure
require a lot of hard work and resources (money). LetsEncrypt doesn't generate
income by selling ads. Users ought to consider donating.

------
kozikow
I believe that they could get some additional extra money from unlocking
domain quotas.

Due to technical bug my domain got black listed for a week, and I had to buy a
new domain due to the deadline. I couldn't have used QA cert server.

~~~
ArchReaper
How does that generate more revenue for them?

~~~
nicpottier
By offering a paid option to remove your quota on a domain. (or raise it)

~~~
Whitestrake
I would find this pretty useful on occasion. Not to mention, it makes more
sense to me than selling cheap wildcards, because now you've got a product,
and you're potentially encouraging poor security (as pointed out by other
commenters in this thread). Seems much more aligned with the goal of Lets
Encrypt in the first place.

------
ancymon
Why not choose a less US-centric fundraising platform? There aren't any? For
example I am missing choice of currency. If I were to donate in dollars I
would have to pay bank twice for changing currency.

~~~
mikeash
I assume that their expenses are in USD, so _somebody_ will have to pay
conversion fees. It's just a question of whether they're taken out before or
after the number you put in.

------
StavrosK
Oh wow, $200k for a month? That amount is astronomical for a crowdfunding
campaign, and it still only buys one month :/

~~~
X86BSD
You think that's a lot? I'm not trying to single you out and please don't take
this as a personal attack. But it's disturbing to me, especially in light of
the Dyn attack and others, that people STILL are not getting how badly our
security infrastructure is horrendously broken and/or non-existent on the net.

Letsencrypt are one of the good guys. They are fighting the good fight. With
the admirable goal of trying to get the web moved entirely over to SSL. It's
an uphill battle because we have _decades_ of SSL being a pain in the ass to
deploy and maintain. "But certificates are not hard to generate and deploy!"
Over 50% of the web disagrees with you.

People have got to start taking this stuff seriously. Everyone _should_ be
donating monthly to OpenBSD for OpenSSH which _everyone and their grandmother_
uses in their infrastructure but they take it for granted and don't donate.
Which I personally find appalling that it's so widely used and yet supported
so very little for such a vital part of _everyones_ infrastructure.

SSL is the same way, it's a vital part of _everyones_ infrastructure and both
the OpenBSD folks and lets encrypt should be bankrolled by the tens of
millions each year from both individuals and the corporations who use this
software on a massive scale. Seriously, Cisco, Juniper, Oracle (yeah I know it
was a waste of bits to type that name here), every corporation using SSH
should be pouring millions into the OpenBSD foundation and you should all be
ashamed and publicly called out for not doing so!

~~~
CaptSpify
Why not both?

Yes, LE are the good guys, and everyone _should_ be donating mountains of
money to them, and the bsd-folks. But that doesn't negate the fact that $200K
a month is a crazy amount.

~~~
rgbrenner
In what way is this a 'crazy amount'? If it were 100% personnel costs, it
would only pay for a dozen or two people max. Is that an unreasonable number
of people working on SSL?

There are literally thousands of people working at SSL companies. 1100 at
Comodo alone.

~~~
StavrosK
It's not a crazy amount for running a company. It's a crazy amount _for a
crowdfunding campaign_.

~~~
rgbrenner
if you think that's crazy.. take a look at the amounts on this page:

[https://en.wikipedia.org/wiki/List_of_highest_funded_crowdfunding_projects](https://en.wikipedia.org/wiki/List_of_highest_funded_crowdfunding_projects)

------
bikamonki
I want to donate using Paypal not a credit card. Is there a way to do it?

~~~
driverdan
Why would you want to use Paypal? It's a terrible service.

~~~
seeekr
Why is Paypal terrible? (Honest question, I find it to be a great service. Am
not US-based, if that matters.)

~~~
StavrosK
Its fees are just sheer theft. I just used it for collecting money from
friends for a small paintball event I want to organize, and it kept 10%!
Seriously, people sent 5 euros, and I got 4.48, for no reason I can see.

Not to mention that currency conversion is a complete ripoff. I avoid PayPal
like the plague.

~~~
eropple
Paypal's fees are 2.9% + $0.30 USD, which is pretty standard among commercial-
level (and you were using it commercially, otherwise they'd have sent it as a
gift) processors that don't require a merchant account. Braintree is 2.9% +
$0.30 USD; Stripe is also 2.9% + $0.30 USD if you're under $1m/year.

~~~
StavrosK
I don't know anything about commercial stuff. All I know was that I wanted my
friends to send me $5 so I could pay the paintball guy, and PayPal kept 10% of
that.

------
andymurd
As the ease of use and zero cost of LE prompted me to use way more certs this
year they get a donation.

------
j0rd
Place to donate via PayPal.

Also take a page from buffer and release your expenses and revenues.

I'm willing to donate any time I get a cert from you guys and I'm sitting on
all this free PayPal money to give you, but can't via Indiegogo

~~~
jaas
We just added the PayPal button back to letsencrypt.org, it's near the bottom
of each page now.

------
taytus
Give me wildcard support and I'll be more than happy in donating.

~~~
StavrosK
You should be happy to donate _now_. LE is the best thing to happen to the web
since zombo.com.

------
secfirstmd
How about a different type of funding model...Let's call it a "Refunder"

-A LetsEncrypt certificate is ultimately free

BUT

-You must pay X amount of dollars to get one (a fair and low amount)

-After 30 days, you can cancel/refund your payment

-BUT you still get to keep your certificate...

Probably in something like this, a fairly high percent of people will not
bother to pay / are happy to continue to pay. LetsEncrypt certificates are
still always free but at least this way human laziness means that LE's important
work can be sustainable into the future.

~~~
corobo
They'd lose so much money on processing fees. I'd imagine any processor would
drop it like it's hot if you had a super high refund rate, even if on purpose.

Wouldn't it also break the whole automatic side of things?

------
corobo
Am I the only one disappointed when crowd funded projects offer so much in
terms of rewards?

I get it when it comes to crowd funded products - actually getting the product
- but do you really need the overheads of making and shipping (and in some
cases handling returns) on physical rewards? Anyone in the know - How much
does this eat into the raised funds?

Another comment here mentioned they're likely after corporate donations - I'm
guessing they get processed outside of indiegogo?

~~~
jfindley
I'm not sure that a single sticker for $50 really qualifies as a large reward.
I'd be very surprised if these cost more than $2 per sticker, including
distribution costs (note: the entire process from production to distribution
is very likely to be outsourced).

It's nice to have some sort of recognition to people who give you money, it
seems perfectly reasonable to me.

~~~
corobo
In this case it's actually done pretty tactfully, you're not effectively just
paying for a new hoodie. I was more speaking in the general sense as a loud
thought, in hindsight it's not really relevant to bring up in this thread.

------
chaz6
I would like to get an email/client signing certificate from LetsEncrypt. Is
this on the roadmap?

~~~
MikeKusold
Comodo offers free S/MIME certificates.

[https://www.comodo.com/home/email-security/free-email-certificate.php](https://www.comodo.com/home/email-security/free-email-certificate.php)

EDIT: A quick google showed me that there are also others that offer S/MIME
for free

[http://kb.mozillazine.org/Getting_an_SMIME_certificate](http://kb.mozillazine.org/Getting_an_SMIME_certificate)

------
eriknstr
I absolutely plan on contributing to the campaign and I totally get that the
rewards are symbolic but I _still_ found it a bit strange that while for $50
you get a sticker and for $100 you get a t-shirt, you get the same sticker +
t-shirt if you contribute $250.

------
metafunctor
I wonder why they don't collect email addresses for people using their
service. It would open all sorts of opportunities for marketing, soliciting
donations, and also service announcements. I mean, I heard about this campaign
on Hacker News, not directly from Let's Encrypt.

Also, I'd probably sign up for a small recurring donation if it was possible.
Recurring donations could become a significant and reliable source of funding.

Edit: I am not suggesting they start spamming everyone and ask for money. An
opt-in email list for topics not strictly related to service would be good.

~~~
jaas
We have a lot of email addresses provided for certificate accounts but we'd
prefer to use them only when necessary, because that's what people had in mind
when they gave them to us. When we collect email addresses via marketing
efforts we may use them for future marketing efforts (with the appropriate
opt-out options, of course).

~~~
metafunctor
Of course. Is there a (low volume) mailing list somewhere I can sign up to get
announcements for things like this?

P.S. Let's Encrypt rocks! I just donated.

------
lossolo
Why not just make it open source? And let other people work on it and just
cover 3 people managing this + architecture costs. You don't need 2.9 mil per
year to process 60k certificate requests a day with system that is practically
finished. What else is there to do which open source community could not do it
itself? Thousands of companies and developers use letsencrypt, a lot of
potential man power to help if you ask me. You could easily cut costs 5-6
times. Or am I missing something here?

~~~
jaas
I think you're missing a number of important things here. We operate on a
pretty small budget for what we provide. I doubt you'd be happy with a CA that
operated with a smaller budget.

1) Our software is already open source. That doesn't mean we get the
development work that we need when we need it for free. We are constantly
working on various features and fixes that need to be deployed weekly if not
more often, and usually based on a close working relationship with our
operations team. Security fixes need to be produced in hours or less, not when
a volunteer contributor gets around to it. Our engineers also spend a lot of
time every day digging through hundreds of GB of logs to find or verify
service issues.

Keep in mind that our software is deployed by very few people other than us,
because in order for our software to be useful you need to have done a massive
amount of other (expensive) work to set up the legal, compliance, and
technical context.

2) I'm not sure where you get 60k requests per day as a representation of our
system load. Between ACME API interactions and OCSP it's many millions.

3) The CA needs to be monitored 24/7. Our infrastructure is necessarily more
complicated than your average web API or application, and it's constantly
being maintained and improved. Open sourcing doesn't address the issue of
having highly qualified and trained staff building and monitoring secure
systems.

4) There is a huge amount of tedious compliance and legal work that has to be
done in order for us to continue to operate.

5) We operate in a compliance environment (WebTrust/BRs/root program rules).
We have a lot of obligations, mostly for good reasons, that make what we're
doing very different from "write some code, throw it on GitHub, deploy on a
cloud service and be done with it."

~~~
lossolo
I see, that makes sense. After researching a little bit more on WebTrust etc.
I can see your point and what I was indeed missing.

2) I thought I saw around 60k certificate requests in statistics on your site.

