[$] The Let's Encrypt certificate revocation scare

The Let's Encrypt project has madereal strides in helping to ensure that every web site can use the encryptedHTTPS protocol; it has provided TLS certificates at no charge that areaccepted by most or all web browsers. Free certificates accepted by thebrowsers are something that was difficult to find prior to the advent of the project in 2014; as of the end of February, theproject has issuedover a billion certificates. But a bug that was recentlyfound in the handling of Certificate AuthorityAuthorization (CAA) by the project put roughly 2.6% of the activecertificates-roughly three million-at risk of immediate revocation. As might beexpected, that caused a bit of panic in some quarters, but it turned outthat the worst outcome was largely averted.