Free, automated certificate authority run by the Internet Security Research Group. Issues TLS certificates without payment or manual verification theater. Relevant here because encrypted domains stop ISPs, registrars, and passers-by from reading your traffic—but only traffic. Your domain registration itself remains visible unless you use WHOIS privacy or register through a privacy-friendly registrar.
Let's Encrypt certificates are industry-standard. They work everywhere, renew automatically, and have no corporate gating. The catch: renewal requires proof you control the domain (DNS or HTTP validation). If your registrar blocks DNS changes or your host goes down, renewal fails and your cert expires. Plan accordingly on bulletproof infrastructure.
Why it matters: encryption is table stakes. No HTTPS, no credibility. Let's Encrypt democratized this; you no longer need to pay $200/year to Comodo for basic protection. Wildcard and multi-domain certificates available. Logs are public and searchable (transparency can cut both ways).