Internet Security Research Group (ISRG) is the non-profit entity that operates the Let’s Encrypt certificate authority. Some policies that apply to Let’s Encrypt are ISRG policies, some are specific to Let’s Encrypt.

Let’s Encrypt Subscriber Agreement

• Currently in Effect
  • v1.2, November 15, 2017
  • U.S. Government Amendment, September 22, 2015
  • U.S. State and Local Government Amendment, December 28, 2016
• Historical / Informational
  • Differences from v1.1.1 to v1.2
  • v1.1.1, August 1, 2016
  • Differences from v1.0.1 to v1.1.1
  • v1.0.1, July 27, 2015

ISRG Certificate Policy

• v2.3, July 3, 2019
• v2.2, September 20, 2018
• v2.1, February 6, 2018
• v2.0, May 22, 2017
• v1.3, April 13, 2017
• v1.2, May 5, 2016
• v1.1, September 9, 2015
• v1.0, May 5, 2015

ISRG Certification Practice Statement

• v2.6, July 3, 2019
• v2.5, November 14, 2018
• v2.4, September 20, 2018
• v2.3, May 4, 2018
• v2.2, March 10, 2018
• v2.1, February 6, 2018
• v2.0, April 13, 2017
• v1.5, October 18, 2016
• v1.4, May 5, 2016
• v1.3, March 16, 2016
• v1.2, September 22, 2015
• v1.1, September 9, 2015
• v1.0, May 5, 2015

Let’s Encrypt Privacy Policy

• September 19, 2019

Let’s Encrypt Trademark Policy

• Let’s Encrypt Trademark Policy

ISRG Code of Conduct

• ISRG Code of Conduct

ISRG Non-Discrimination Statement and Policy

• ISRG Non-Discrimination Statement and Policy

ISRG Legal Transparency Reports

• October 1, 2019
• April 1, 2019
• October 1, 2018
• April 1, 2018
• October 1, 2017
• April 1, 2017
• October 1, 2016
• April 1, 2016
• July 1, 2015

WebTrust Audits

Operational Audits

• November 30, 2018: Trust Services Principles and Criteria for Certification Authorities Version 2.1
• November 30, 2018: WebTrust Principles and Criteria for Certification Authorities – SSL Baseline with Network Security – Version 2.3
• December 15, 2017: Trust Services Principles and Criteria for Certification Authorities Version 2.0
• December 15, 2017: WebTrust Principles and Criteria for Certification Authorities – SSL Baseline with Network Security – Version 2.2
• December 15, 2016: Trust Services Principles and Criteria for Certification Authorities Version 2.0
• December 15, 2016: WebTrust Principles and Criteria for Certification Authorities - SSL Baseline with Network Security - Version 2.0
• December 15, 2015: Trust Services Principles and Criteria for Certification Authorities Version 2.0
• December 15, 2015: WebTrust Principles and Criteria for Certification Authorities - SSL Baseline with Network Security - Version 2.0

Readiness Audits

• September 9, 2015: Trust Service Principles and Criteria for Certification Authorities Version 2.0
• September 9, 2015: WebTrust Principles and Criteria for Certification Authorities - SSL Baseline with Network Security - Version 2.0

Certificate Problem Reports

To report private key compromise, certificate misuse, or other types of fraud, compromise, misuse, inappropriate conduct, or any other matter related to certificates, please email cert-prob-reports@letsencrypt.org.