[afnog] Let's Encrypt To Revoke 3 Million TLS Certificates Due To Bug

Jean-Robert Hountomey hrobert at africacert.org
Wed Mar 4 02:40:48 UTC 2020


 
 


"Let's Encrypt will revoke over 3 million certificates on Wednesday, March 4th, due to a bug in their domain validation and issuance software. A bug in Let's Encrypt's certificate authority (CA) software caused some certificates to not be properly validated through Certificate Authority Authorization (CAA) configured for an associated domain. CAA is a security feature that allows domain administrators to create a DNS record that restricts the certificate authorities that are allowed to issue certificates for that particular domain."
Priority: 2 - Urgent 
Relevance: General
<[ https://www.bleepingcomputer.com/news/security/lets-encrypt-to-revoke-3-million-tls-certificates-due-to-bug/ ]( https://www.bleepingcomputer.com/news/security/lets-encrypt-to-revoke-3-million-tls-certificates-due-to-bug/ )>
 <[ https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 ]( https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 )>
 <[ https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591 ]( https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591 )>
 <[ https://letsencrypt.org/caaproblem/ ]( https://letsencrypt.org/caaproblem/ )>
 <[ https://checkhost.unboundtest.com/ ]( https://checkhost.unboundtest.com/ )>
 <[ https://www.theregister.co.uk/2020/03/03/lets_encrypt_cert_revocation/ ]( https://www.theregister.co.uk/2020/03/03/lets_encrypt_cert_revocation/ )>
 <[ https://www.zdnet.com/article/lets-encrypt-to-revoke-3-million-certificates-on-march-4-due-to-bug/ ]( https://www.zdnet.com/article/lets-encrypt-to-revoke-3-million-certificates-on-march-4-due-to-bug/ )>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20200303/4de49aae/attachment.html>


More information about the afnog mailing list