Image Lazy Loading

content/de/certificates.md

@@ -81,7 +81,7 @@ nahtlos erstellen.
 
 Das folgende Bild erklärt die Beziehungen zwischen unseren Zertifikaten:
 
-<img src="/certs/isrg-keys.png" alt="ISRG Key relationship diagram">
+<img src="/certs/isrg-keys.png" alt="ISRG Key relationship diagram" loading="lazy">
 
 # OCSP Signiertes Zertifikat
 

content/de/how-it-works.md

@@ -29,7 +29,8 @@ Neben den Herausforderungen bietet die Let's Encrypt-Zertifizierungsstelle auch
 
 <div class="howitworks-figure">
 <img alt="Aufforderung zur Validierung von example.com stellen"
-     src="/images/howitworks_challenge.png"/>
+     src="/images/howitworks_challenge.png"
+      loading="lazy"/>
 </div>
 
 Die Agentensoftware erfüllt eine der gestellten Herausforderungen. Nehmen wir an, sie ist in der Lage, die zweite Aufgabe oben auszuführen: Sie erstellt eine Datei in einem angegebenen Pfad auf der Website `http://example.com`. Der Agent signiert die bereitgestellte Nonce ausserdem mit seinem privaten Schlüssel. Nachdem der Agent diese Schritte ausgeführt hat, benachrichtigt er die Zertifizierungsstelle, dass sie zur Validierung bereit ist.
@@ -38,7 +39,8 @@ Dann ist es die Aufgabe der Zertifizierungsstelle, zu überprüfen, ob die Auffo
 
 <div class="howitworks-figure">
 <img alt="Requesting authorization to act for example.com"
-     src="/images/howitworks_authorization.png"/>
+     src="/images/howitworks_authorization.png"
+     loading="lazy"/>
 </div>
 
 Wenn die Signatur über die Nonce gültig ist und die Herausforderungen ausgecheckt werden, ist der durch den öffentlichen Schlüssel identifizierte Agent berechtigt, die Zertifikatsverwaltung für `example.com` durchzuführen. Wir nennen das Schlüsselpaar, dass der Agent ein "autorisiertes Schlüsselpaar" für `example.com` verwendet hat.
@@ -53,12 +55,14 @@ Wenn die Let's Encrypt-Zertifizierungsstelle die Anforderung erhält, werden bei
 
 <div class="howitworks-figure">
 <img alt="Anfordern eines Zertifikats für example.com"
-     src="/images/howitworks_certificate.png"/>
+     src="/images/howitworks_certificate.png"
+     loading="lazy"/>
 </div>
 
 Der Widerruf funktioniert auf ähnliche Weise. Der Agent unterzeichnet eine Sperranforderung mit dem für `example.com` autorisierten Schlüsselpaar, und die Let's Encrypt-Zertifizierungsstelle überprüft, ob die Anforderung autorisiert ist. In diesem Fall werden Sperrinformationen in den normalen Sperrkanälen (z.B. OCSP) veröffentlicht, sodass vertrauende Parteien wie Browser wissen können, dass sie das widerrufene Zertifikat nicht akzeptieren sollten.
 
 <div class="howitworks-figure">
 <img alt="Anfrage zum Widerruf eines Zertifikats für example.com"
-     src="/images/howitworks_revocation.png"/>
+     src="/images/howitworks_revocation.png"
+     loading="lazy"/>
 </div>

content/de/trademarks.md

@@ -266,15 +266,15 @@ dieser Richtlinie haben, können Sie uns gerne unter
 Unser Standardlogo und Text. Abgesehen von wenigen Ausnahmen ist dies
 die Standard-Go-To-Version.
 
-<p> <img src="/images/le-logo-standard.png" alt="standard logo" height=125> </p> 
+<p> <img src="/images/le-logo-standard.png" alt="standard logo" height=125 loading="lazy"> </p> 
 <p> <a href="/images/le-logo-standard.eps">EPS</a> <a href="/images/le-logo-standard.svg">SVG</a> <a href="/images/le-logo-standard.png">PNG</a> </p>
 
 ### Let's Encrypt weit
 
 Die breite Version unseres Logos und Textes. Verwenden Sie dies in
 Kontexten, in denen der vertikale Raum begrenzt ist.
 
-<p> <img src="/images/le-logo-wide.png" alt="wide logo" height=90> </p>
+<p> <img src="/images/le-logo-wide.png" alt="wide logo" height=90 loading="lazy"> </p>
 <p> <a href="/images/le-logo-wide.eps">EPS</a> <a href="/images/le-logo-wide.svg">SVG</a> <a href="/images/le-logo-wide.png">PNG</a> </p>
 
 ### Let's Encrypt nur Schlüssel
@@ -284,5 +284,5 @@ Encrypt" deutlich sichtbar ist oder an anderer Stelle auf der Seite oder
 im Design festgelegt wurde. (Verwenden Sie im Zweifelsfall ein anderes
 Format.)
 
-<p> <img src="/images/le-logo-lockonly.png" alt="Logo only key" height=125> </p>
+<p> <img src="/images/le-logo-lockonly.png" alt="Logo only key" height=125 loading="lazy"> </p>
 <p> <a href="/images/le-logo-lockonly.eps">EPS</a> <a href="/images/le-logo-lockonly.svg">SVG</a> <a href="/images/le-logo-lockonly.png">PNG</a></p>

content/en/how-it-works.md

@@ -3,7 +3,7 @@ title: How It Works
 linkTitle: How Let's Encrypt Works
 slug: how-it-works
 top_graphic: 3
-lastmod: 2019-10-18
+lastmod: 2020-10-28
 ---
 
 {{< lastmod >}}
@@ -27,7 +27,8 @@ Along with the challenges, the Let's Encrypt CA also provides a nonce that the a
 
 <div class="howitworks-figure">
 <img alt="Requesting challenges to validate example.com"
-     src="/images/howitworks_challenge.png"/>
+     src="/images/howitworks_challenge.png"
+     loading="lazy"/>
 </div>
 
 The agent software completes one of the provided sets of challenges.   Let's say it is able to accomplish the second task above: it creates a file on a specified path on the `http://example.com` site.  The agent also signs the provided nonce with its private key.  Once the agent has completed these steps, it notifies the CA that it's ready to complete validation.
@@ -36,7 +37,8 @@ Then, it's the CA's job to check that the challenges have been satisfied.  The C
 
 <div class="howitworks-figure">
 <img alt="Requesting authorization to act for example.com"
-     src="/images/howitworks_authorization.png"/>
+     src="/images/howitworks_authorization.png"
+     loading="lazy"/>
 </div>
 
 If the signature over the nonce is valid, and the challenges check out, then the agent identified by the public key is authorized to do certificate management for `example.com`.  We call the key pair the agent used an "authorized key pair" for `example.com`.
@@ -52,13 +54,15 @@ When the Let's&nbsp;Encrypt CA receives the request, it verifies both signatures
 
 <div class="howitworks-figure">
 <img alt="Requesting a certificate for example.com"
-     src="/images/howitworks_certificate.png"/>
+     src="/images/howitworks_certificate.png"
+     loading="lazy"/>
 </div>
 
 Revocation works in a similar manner.  The agent signs a revocation request with the key pair authorized for `example.com`, and the Let's&nbsp;Encrypt CA verifies that the request is authorized.  If so, it publishes revocation information into the normal revocation channels (i.e. OCSP), so that relying parties such as browsers can know that they shouldn't accept the revoked certificate.
 
 <div class="howitworks-figure">
 <img alt="Requesting revocation of a certificate for example.com"
-     src="/images/howitworks_revocation.png"/>
+     src="/images/howitworks_revocation.png"
+     loading="lazy"/>
 </div>
 

content/en/post/2016-4-12-leaving-beta-new-sponsors.markdown

@@ -13,7 +13,7 @@ Let’s Encrypt is leaving beta today. We’re also excited to announce that fou
 
 Since our beta began in September 2015 we’ve issued more than 1.7 million certificates for more than 3.8 million websites. We’ve gained tremendous operational experience and confidence in our systems. The beta label is simply not necessary any more.
 
-<p class="text-center"><img src="/images/Issuance-April-10-2016.png" alt="Issuance as of April 10, 2016" style="width: 650px; margin-bottom: 17px;"/></p>
+<p class="text-center"><img src="/images/Issuance-April-10-2016.png" alt="Issuance as of April 10, 2016" style="width: 650px; margin-bottom: 17px;" loading="lazy"/></p>
 
 We set out to encrypt 100% of the Web. We’re excited to be off to a strong start, and with so much support across the industry.
 

content/en/post/2016-6-22-https-progress-june-2016.markdown

@@ -11,7 +11,7 @@ Our goal with Let’s Encrypt is to get the Web to 100% HTTPS. We’d like to gi
 
 Let’s Encrypt has issued more than 5 million certificates in total since we launched to the general public on December 3, 2015. Approximately 3.8 million of those are active, meaning unexpired and unrevoked. Our active certificates cover more than 7 million unique domains.
 
-<p class="text-center"><img src="/images/le-certs-issued-june-22-2016.png" alt="Issuance as of June 22, 2016" style="width: 650px; margin-bottom: 17px;"/></p>
+<p class="text-center"><img src="/images/le-certs-issued-june-22-2016.png" alt="Issuance as of June 22, 2016" style="width: 650px; margin-bottom: 17px;" loading="lazy"/></p>
 
 A couple of different factors have contributed heavily to this growth. The first is large-scale deployments from companies such as OVH, WordPress.com, Akamai, Shopify, Dreamhost, and Bitly. The second is our ability to serve individual sites globally with a focus on ease-of-use. If we’re going to get to 100% HTTPS we need to reach the “long tail” of the Web, which is in many ways more challenging due to the number of parties involved and widely varying degrees of technical competency.
 

content/en/post/2016-8-5-le-root-to-be-trusted-by-mozilla.markdown

@@ -13,7 +13,7 @@ Public CAs need their certificates to be trusted by browsers and devices. CAs th
 
 Getting a new root trusted and propagated broadly can take 3-6 years. In order to start issuing widely trusted certificates as soon as possible, we partnered with another CA, IdenTrust, which has a number of existing trusted roots. As part of that partnership, an IdenTrust root “vouches for” the certificates that we issue, thus making our certificates trusted. We’re incredibly grateful to IdenTrust for helping us to start carrying out our mission as soon as possible.
 
-<p class="text-center"><img src="/images/le-firefox-chain-of-trust.png" alt="Chain of trust between Firefox and Let's Encrypt certificates." style="width: 650px; margin-bottom: 17px;"/><br><em>Chain of Trust Between Firefox and Let's Encrypt Certificates</em></p>
+<p class="text-center"><img src="/images/le-firefox-chain-of-trust.png" alt="Chain of trust between Firefox and Let's Encrypt certificates." style="width: 650px; margin-bottom: 17px;" loading="lazy"/><br><em>Chain of Trust Between Firefox and Let's Encrypt Certificates</em></p>
 
 However, our plan has always been to operate as an independently trusted CA. Having our root trusted directly by the Mozilla root program represents significant progress towards that independence.
 

content/en/post/2017-1-6-le-2016-in-review.markdown

@@ -12,7 +12,7 @@ Our first full year as a live CA was an exciting one. I’m incredibly proud of
 
 At the start of 2016, Let’s Encrypt certificates had been available to the public for less than a month and we were supporting approximately 240,000 active (unexpired) certificates. That seemed like a lot at the time! Now we’re frequently issuing that many new certificates in a single day while supporting more than 20,000,000 active certificates in total. We’ve issued more than a million certificates in a single day a few times recently. We’re currently serving an average of 6,700 OCSP responses per second. We’ve done a lot of optimization work, we’ve had to add some hardware, and there have been some long nights for our staff, but we’ve been able to keep up and we’re ready for another year of [strong growth](https://letsencrypt.org/stats/).
 
-<p class="text-center"><img src="/images/Jan-6-2017-Cert-Stats.png" alt="Let's Encrypt certificate issuance statistics." style="width: 650px; margin-bottom: 17px;"/></p>
+<p class="text-center"><img src="/images/Jan-6-2017-Cert-Stats.png" alt="Let's Encrypt certificate issuance statistics." style="width: 650px; margin-bottom: 17px;" loading="lazy"/></p>
 
 We added a number of [new features](https://letsencrypt.org/upcoming-features/) during the past year, including support for the ACME DNS challenge, ECDSA signing, IPv6, and Internationalized Domain Names.
 

content/en/post/2017-6-28-hundred-million-certs.markdown

@@ -17,7 +17,7 @@ Third, it illustrates the power of automated certificate management. If getting
 
 The total number of certificates we’ve issued is an interesting number, but it doesn’t reflect much about tangible progress towards our primary goal: a 100% HTTPS Web. To understand that progress we need to look at this graph:
 
-<p class="text-center"><img src="/images/2017.06.28-https-percentage.png" alt="Percentage of HTTPS Page Loads in Firefox." style="width: 650px; margin-bottom: 17px;"/></p>
+<p class="text-center"><img src="/images/2017.06.28-https-percentage.png" alt="Percentage of HTTPS Page Loads in Firefox." style="width: 650px; margin-bottom: 17px;" loading="lazy"/></p>
 
 When Let’s Encrypt’s service first became available, less than 40% of page loads on the Web used HTTPS. It took the Web 20 years to get to that point. In the 19 months since we launched, encrypted page loads have gone up by 18%, to nearly 58%. That’s an incredible rate of change for the Web. Contributing to this trend is what we’re most proud of.
 

content/en/trademarks.md

@@ -3,7 +3,7 @@ title: Trademark Policy
 slug: trademarks
 top_graphic: 1
 date: 2018-09-19
-lastmod: 2018-09-19
+lastmod: 2020-10-28
 english_is_canonical: 1
 ---
 
@@ -102,19 +102,19 @@ If you’d like to use the ISRG Marks in a way that’s not covered by this poli
 
 Our standard logo and text. Outside of a few exceptions, this is the default, go-to version.
 
-<p><img src="/images/le-logo-standard.png" alt="standard logo" height=125></p>
+<p><img src="/images/le-logo-standard.png" alt="standard logo" height=125 loading="lazy"></p>
 <p><a href="/images/le-logo-standard.eps">EPS</a> <a href="/images/le-logo-standard.svg">SVG</a> <a href="/images/le-logo-standard.png">PNG</a></p>
 
 ### Let's Encrypt Wide
 
 The wide version of our logo and text. Use this in contexts where vertical space is limited.
 
-<p><img src="/images/le-logo-wide.png" alt="wide logo" height=90></p>
+<p><img src="/images/le-logo-wide.png" alt="wide logo" height=90 loading="lazy"></p>
 <p><a href="/images/le-logo-wide.eps">EPS</a> <a href="/images/le-logo-wide.svg">SVG</a> <a href="/images/le-logo-wide.png">PNG</a></p>
 
 ### Let's Encrypt Lock Only
 
 Our logo alone. Use this only when the "Let's Encrypt" word mark is clearly visible or has been well established elsewhere on the page or in the design. (When in doubt, use a different format.)
 
-<p><img src="/images/le-logo-lockonly.png" alt="lock only logo" height=125></p>
-<p><a href="/images/le-logo-lockonly.eps">EPS</a> <a href="/images/le-logo-lockonly.svg">SVG</a> <a href="/images/le-logo-lockonly.png">PNG</a></p>
+<p><img src="/images/le-logo-lockonly.png" alt="lock only logo" height=125 loading="lazy"></p>
+<p><a href="/images/le-logo-lockonly.eps">EPS</a> <a href="/images/le-logo-lockonly.svg">SVG</a> <a href="/images/le-logo-lockonly.png">PNG</a></p>

content/es/certificates.md

@@ -68,7 +68,7 @@ configuración perfectamente.
 
 La siguiente imagen explica visualmente las relaciones entre nuestros certificados:
 
-<img src="/certs/isrg-keys.png" alt="ISRG Key relationship diagram">
+<img src="/certs/isrg-keys.png" alt="ISRG Key relationship diagram" loading="lazy">
 
 # Certificado firma OCSP
 

content/es/how-it-works.md

@@ -27,7 +27,8 @@ Junto con los retos, el Let's Encrypt CA también provee un `nonce` que el agent
 
 <div class="howitworks-figure">
 <img alt="Solicitando retos para validar example.com"
-     src="/images/howitworks_challenge.png"/>
+     src="/images/howitworks_challenge.png"
+     loading="lazy"/>
 </div>
 
 El software de agente completa uno de los conjuntos de retos proveidos. Digamos que es capaz de realizar la segunda tarea anterior: crea un archivo en un *path* especifico en el site `http://example.com`. El agente también firma el `nonce` proveido con su llave privada. Una vez el agente ha completado estos pasos, notifica la AC que está listo para completar la validación.
@@ -36,7 +37,8 @@ Luego, es el trabajo de la AC verificar los que retos han sido satisfechos. La A
 
 <div class="howitworks-figure">
 <img alt="Solicitando autorización para actuar por example.com"
-     src="/images/howitworks_authorization.png"/>
+     src="/images/howitworks_authorization.png"
+     loading="lazy"/>
 </div>
 
 Si la firma sobre el `nonce` es válida, y los retos son válidos, entonces el agente identificado por su llave pública está autorizado a realizar la gestión de certificados para `example.com`. Llamamos el par de llaves que el agente usó un "par de llaves autorizado" para `example.com`.
@@ -52,13 +54,15 @@ Cuando el Let's Encrypt CA recibe una solicitud, verifica ambas firmas. Si todo
 
 <div class="howitworks-figure">
 <img alt="Solicitando un certificado para example.com"
-     src="/images/howitworks_certificate.png"/>
+     src="/images/howitworks_certificate.png"
+     loading="lazy"/>
 </div>
 
 Revocación funciona de una manera similar. El agent firma una solicitud de revocación con el par de llaves autorizado para `example.com`, y el Let's Encrypt CA verifica que la solicitud es autorizada. Si lo es, publica información de revocación a los canales normales de revocación (i.e. OCSP), para que los confiados tales como navegadores pueden saber que no deben aceptar el certificado recovado.
 
 <div class="howitworks-figure">
 <img alt="Solicitando revocación del certifiado para example.com"
-     src="/images/howitworks_revocation.png"/>
+     src="/images/howitworks_revocation.png"
+     loading="lazy"/>
 </div>
 

content/es/trademarks.md

@@ -102,19 +102,19 @@ Si desea utilizar las Marcas ISRG de una manera que no está cubierta por esta p
 
 Nuestro logotipo y texto estándar. Fuera de algunas excepciones, esta es la versión predeterminada.
 
-<p><img src="/images/le-logo-standard.png" alt="standard logo" height=125></p>
+<p><img src="/images/le-logo-standard.png" alt="standard logo" height=125 loading="lazy"></p>
 <p><a href="/images/le-logo-standard.eps">EPS</a> <a href="/images/le-logo-standard.svg">SVG</a> <a href="/images/le-logo-standard.png">PNG</a></p>
 
 ### Let's Encrypt Ancho
 
 La versión amplia de nuestro logo y texto. Use esto en contextos donde el espacio vertical es limitado.
 
-<p><img src="/images/le-logo-wide.png" alt="wide logo" height=90></p>
+<p><img src="/images/le-logo-wide.png" alt="wide logo" height=90 loading="lazy"></p>
 <p><a href="/images/le-logo-wide.eps">EPS</a> <a href="/images/le-logo-wide.svg">SVG</a> <a href="/images/le-logo-wide.png">PNG</a></p>
 
 ### Let's Encrypt Logo
 
 Nuestro logo solo. Use esto solo cuando la marca de la palabra "Let's Encrypt" sea claramente visible o esté bien establecida en otra parte de la página o en el diseño. (En caso de duda, use un formato diferente).
 
-<p><img src="/images/le-logo-lockonly.png" alt="lock only logo" height=125></p>
+<p><img src="/images/le-logo-lockonly.png" alt="lock only logo" height=125 loading="lazy"></p>
 <p><a href="/images/le-logo-lockonly.eps">EPS</a> <a href="/images/le-logo-lockonly.svg">SVG</a> <a href="/images/le-logo-lockonly.png">PNG</a></p>

content/fr/certificates.md

@@ -56,7 +56,7 @@ le certificat intermédiaire avec le sujet «Let’s Encrypt Authority X3» et 
 
 Le schéma ci-dessous décrit les relations entre nos certificats :
 
-<img src="/certs/isrg-keys.png" alt="Schéma des relations clés de l'ISRG">
+<img src="/certs/isrg-keys.png" alt="Schéma des relations clés de l'ISRG" loading="lazy">
 
 # Certificat de signature de l'OCSP