14 DAY TRIAL // The Internet Security Research Group (ISRG) has published an open letter today revealing that Comodo, a security vendor and also one of the biggest Certificate Authorities (CAs) on the Web, is trying to illegally register the "Let's Encrypt" brand as its own.
The Let's Encrypt project started in 2012, but it officially became a business entity in 2014, when one of its creators, the Mozilla Foundation, joined the Electronic Frontier Foundation (EFF), Cisco, and Akamai and founded the ISRG non-profit organization.
In a letter on their site, Let's Encrypt administrators reveal that Comodo, one of the project's direct competitors, is trying to register the "Let's Encrypt" brand for itself. A successful registration would allow Comodo to force the project to change its name.
Comodo is one of ISRG's direct competitors
Comodo is a company that makes a lot of money by providing digital certificates. So it's no surprise that it has recently announced it topped the charts as the global leader in digital certificates, marking its fifth consecutive quarter to do so.
On the other side of the spectrum, we have Let's Encrypt, whose sole purpose is to provide "free" digital certificates in order for site owners to implement HTTPS for their online services. Besides being free a bird, Let's Encrypt certificates are also very easy to install, at least when compared to the SSL certificates provided by the rest of the market.
"Since March of 2016 we have repeatedly asked Comodo to abandon their 'Let’s Encrypt' applications, directly and through our attorneys, but they have refused to do so," Josh Aas, ISRG Executive Director, writes. "We are clearly the first and senior user of 'Let’s Encrypt' in relation to Internet security, including SSL/TLS certificates - both in terms of length of use and in terms of the widespread public association of that brand with our organization."
ISRG will fight in court if it has to
Comodo has filed three trademark registration applications, for the terms "Let's Encrypt," "Let's Encrypt with Comodo," and "Comodo Let's Encrypt."
ISRG says it will continue to fight for its brand because allowing Comodo to register its name would create confusion on the market. Aas says they worked hard to build their brand as a reliable indicator of quality. As you can imagine, the organization is not willing to back down from a fight and is not in the mood for these types of legal shenanigans.
Yesterday, the Let's Encrypt project announced it issued its five millionth certificate, just seven months after the service became available to the general public.
UPDATE [June 25, 2016]: Comodo announced on its forums that they'll be dropping the three trademark applications.
“ Comodo has filed for express abandonment of the trademark applications at this time instead of waiting and allowing them to lapse. Following collaboration between Let's Encrypt and Comodo, the trademark issue is now resolved and behind us and we'd like to thank the Let's Encrypt team for helping to bring it to a to a resolution. ”