
Facebook Sponsors Let's Encrypt - therealunreal
https://letsencrypt.org/2015/12/03/facebook-sponsorship.html
======
Cherian
Before the skeptical comments rush in, can we for a moment take a step back
and appreciate this. Facebook has a lot of leaders who has worked in the
industry for long and I am sure they understand the value as much as we do.
There’s a very strong possibility that FB did this without any motives.

~~~
myth_buster

      Before the skeptical comments rush in
    

If the comment is in relation to the criticism to Mark's donations, I think
this is a non sequitur... I believe people understand that in large orgs there
are factions that operate with different motives. Also this is a good cause so
perhaps it helps their image too. So people won't be too critical of it.

~~~
andreyf
I often wonder whether the relationships between brand-less factions in (and
across) organizations has more of an impact than the official PR-heavy moves
made under the institutional brand.

Take, for example, the changes that have happened at Microsoft since Ballmer's
departure. I have a hard time imagining the branching GitHub's Atom to make an
open source "light IDE", deprecating IE, and Google's using TypeScript for
Angular2 happening while Ballmer's faction was in power. Microsoft has the
same name, but it's acting like a very different beast.

I'm not sure how one could observe these factions cut across institutions, but
I'd be interested if anyone has any suggested readings.

~~~
recursive
If you're referring to VS Code, it doesn't use Atom at all.

~~~
andreyf
Oh, interesting. Not sure where I heard that... thank you for the correction!

------
toomim
And the bigger news is that letsencrypt starts its public beta today! You
don't need to buy SSL certs anymore! Wow! Someone submit _this_ story!

~~~
OldSchoolJohnny
That's what they claimed but there's no evidence of it on their site.

~~~
pfg
Public beta starts around 6pm UTC, so I imagine an announcement will be posted
soon.

// edit: there we go, just posted:
[https://letsencrypt.org/2015/12/03/entering-public-
beta.html](https://letsencrypt.org/2015/12/03/entering-public-beta.html)

------
brwnll
Is there any indication what the sponsorship money of Let's Encrypt goes
toward?

Corporate sponsorship looks to be somewhere around $2m/year.

Is the money needed for scaling? Hiring engineers? Broadening product line?

~~~
pfg
I would imagine most of the money goes towards:

\- Development of the official client[1] and boulder[2], the CA server
software behind Let's Encrypt. Both are relatively big projects with lots of
things to add/improve on.

\- Hosting CA servers in two separate data centers. HSMs for key storage are
usually rather expensive as well. CRLs and OCSP are quite bandwidth-
intensive[3], that's probably where Akamai's sponsorship comes in. Ops teams
have to be available 24/7 in case of outages.

\- I'd guess the auditing costs are quite substantial as well. I'm not sure
what's necessary to get added to the various root programs out there
(Microsoft, Mozilla etc.), but I doubt it's free (unless that's part of some
sponsorship).

(I'm not affiliated with Let's Encrypt, just my perspective)

[1]:
[https://github.com/letsencrypt/letsencrypt](https://github.com/letsencrypt/letsencrypt)
[2]:
[https://github.com/letsencrypt/boulder](https://github.com/letsencrypt/boulder)
[3]: [https://blog.cloudflare.com/the-hard-costs-of-
heartbleed/](https://blog.cloudflare.com/the-hard-costs-of-heartbleed/)

------
Someone1234
I wonder why, really. I read Facebook's statement. But everyone always has
internal motives (in particular when money is involved), and I wonder what
Facebook gains from this?

I know why EFF/Mozilla does it (charity), Akamai do it ($$$ for them), Cisco
might also profit from it somehow (e.g. upgraded enterprise appliances to
support HTTPS on the proxy), but Facebook? I don't get Facebook's play here.

~~~
estefan
Maybe when you're worth $40bn or whatever and you plan to give 99% of it away
for philanthropic purposes, you don't need to live life with such a miserly
attitude?

~~~
Someone1234
Facebook, the company, is planning on giving away their entire net worth?
Where are you getting this from? Also isn't Facebook worth somewhere in the
region of $245 billion?

~~~
DiThi
Not FB, only Mark Zuckerberg AFAIK.

------
obeone
Being careful not to look a gift horse in the mouth, but... It is interesting
that Facebook ($300 Billion market cap) decided to support at the $150k level
instead of the $350k level (i.e. saving themselves from a rounding-error
$200,000 additional commitment).

It cost them more than that to make the decision and the press release.

~~~
danso
Maybe there's an internal policy at which $199,999 is a cut-off, i.e. at a
certain point, the sponsorship decision is moved to a higher-level of
bureaucracy and approval. Which is completely the sensible thing to do:
there's no reason why President Obama has to be the one who personally signs
off on million-dollar toilets in Iraq (even if the buck stops with the
President), and neither should _every_ sponsorship decision be put on the desk
of Mark Zuckerberg or Sheryl Sandberg...and an efficient way to do that is to
set off a discrete cut-offs, so that you don't have a middle manager thinking
they have the discretion to do the exact same moral reasoning as you suggest,
_" Oh why just give the Palo Alto Elementary Science Fair $10,000 when we
could give it $100,000 and no one would even notice?"_

Besides internal order, I imagine there's additional concerns and contractual
obligations that relate to a public company's stakeholders, e.g. the
shareholders who invest with a guarantee that a company has consistent
policies in place to manage its spending, whether operational or charitable.

------
estefan
Cool project. I hope nginx support for the client isn't far away.

~~~
DiThi
This involves a bit more manual (but scriptable) steps, but the example it
shows is for nginx, in addition to being very small and having barely any
dependencies. [https://github.com/diafygi/acme-
tiny](https://github.com/diafygi/acme-tiny)

------
gmisra
Taken in isolation, this is a laudable move. But shouldn't it be evaluated
within the context of their own internet.org initiative?

For those unaware, internet.org does not support TLS/HTTPS for most
connections. It is probably the single largest attempt in history to remove
secure access from a population, just in the name of advertising instead of
national security.

~~~
andreyf
_Internet.org does not support TLS /HTTPS for most connections_

Source, please?

EDIT: [https://www.eff.org/deeplinks/2015/05/internetorg-not-
neutra...](https://www.eff.org/deeplinks/2015/05/internetorg-not-neutral-not-
secure-and-not-internet)

EDIT2: this is from May. I wonder if anything has changed since.

------
merpnderp
React, Casandra, Flux, and tons more, Internet.org and now this? I can now
feel a little less bad that every time I click like, that at least my personal
information is supporting some great projects.

[https://code.facebook.com/projects/](https://code.facebook.com/projects/)

~~~
SuperKlaus
I don't see Casandra on that list. Isn't that an Apache project?

~~~
scott_karana
I don't see it either, probably because after creating it, they eventually
passed stewardship over to the Apache Foundation. I'm not sure how much they
still use it, even.

[https://en.wikipedia.org/wiki/Apache_Cassandra#History](https://en.wikipedia.org/wiki/Apache_Cassandra#History)

------
electriclove
Why not a Platinum sponsor?

