This morning, Let's Encrypt mailed me that the Subscriber Agreement was updated; but it had no diff.

Let's Encrypt Subscriber,

We're writing to let you know that we are updating the Let's Encrypt Subscriber Agreement, effective August 1, 2016. You can find the updated agreement (v1.1.1) as well as the current agreement (v1.0.1) in the "Let's Encrypt Subscriber Agreement" section of the following page:

https://letsencrypt.org/repository/

Thank you for helping to secure the Web by using Let's Encrypt.

  • The Let's Encrypt Team

Let's get one thing clear: I love Let's Encrypt!

Before Let's Encrypt, there was a huge penalty to making your sites safer. If you didn't have any money to spend, you could make your site safer than having no certificate, by using a self-signed certificate, but you'd be scaring off your visitors because the browsers complain loudly; a disturbing paradox.

(I'm ignoring the few little known certificate brokers that handed out a limited set of free certificates here, because they, well... did I mention the word limited?)

Dear Let's Encrypt,

Thank you for your service. It is 2016+ worthy, even more so since you've decoupled the service from the vanilla letsencrypt application.

What is not 2016+ worthy, is your license update.

A license update should come with a diff, so we can see what has changed and what has not.

So, for your enjoyment and mine, I took the texts from the before and after PDF files and reindented them so they can be properly compared.

Fetch them here:
Let's Encrypt Subscriber Agreement - July 2015 (view)
Let's Encrypt Subscriber Agreement - August 2016 (view)

Compare the two using a tool like vimdiff. Or — for less readability — check out the unified diff (view).

ssl license encryption