Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Let’s Encrypt vows to fight Comodo over its ‘Let’s Encrypt’ trademark attempt

Liam Tung | July 5, 2016
Let's Encrypt is ready for a battle-who wins?

[Update as of 7 July 2016, 9am (Singapore Time) : According to Let's Encrypt, Comodo has revoked its applications for their trademarks. Let's Encrypt is pleased with this resolution as they feel that they "are clearly the rightful owners of these marks.]

Free digital certificate authority Let's Encrypt says it ready for a long battle if security firm Comodo doesn't quit pursuing trademark applications containing the 'Let's Encrypt' name.

Comodo says it's mission is to "create trust online", but the security firm and digital certificate vendor may have done exactly the opposite by filing three trademark applications with the USPTO containing 'Let's Encrypt'.

Let's Encrypt is a certificate authority (CA) that provides free digital certificates to websites and has over the past year upended the paid-for digital certificate industry that has been dominated by Symantec, GoDaddy, and to a lesser extent Comodo.

The CA, which is run by the Internet Security Research Group (ISRG), say its efforts to convince Comodo to pull the plug on the applications have so far failed.

"Since March of 2016 we have repeatedly asked Comodo to abandon their "Let's Encrypt" applications, directly and through our attorneys, but they have refused to do so.

We are clearly the first and senior user of "Let's Encrypt" in relation to Internet security, including SSL/TLS certificates - both in terms of length of use and in terms of the widespread public association of that brand with our organization," wrote ISRG's executive director Josh Aas in a blog post on Thursday.

Filings with USPTO show that Comodo applied for "Let's Encrypt", "Comodo Let's Encrypt", and "Let's Encrypt with Comodo" in October 2015.

Let's Encrypt officially launched in April 2016 but started using the name publicly in November 2014. The free CA is backed by Akamai, Mozilla, Cisco, EFF, and Facebook.

Let's Encrypt is aiming to boost the adoption of HTTPS on websites to ensure connections on the web are secure and encrypted. It reported this week that it had issued five million certificates covering seven million domains, up from zero since it launched in December and one million in March.

Comodo appears to be blocking requests for information about its Let's Encrypt trademark applications. According to one developer, Comodo's email server has been configured to reject any email with the Let's Encrypt URL.

CSO Australia's attempt to send a request for comment to Comodo's press and sales email accounts about the Let's Encrypt appeal was returned with a message: "554 Rejected: mail contains virus".

Comodo's name as a CA was tarnished by the so-called "Comodo hacker", who in 2011 claimed to have breached Comodo and later claimed responsibility for breaching DigiNotar, a Dutch CA.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.