
Let's Encrypt revokes 3M certificates due to CAA checking bug - regecks
https://letsencrypt.org/caaproblem/
======
terom
Here's some quick&dirty stats from the list of revoked certificates:
[https://gist.github.com/SpComb/6338facd12e020ec4fe561ca91f32...](https://gist.github.com/SpComb/6338facd12e020ec4fe561ca91f3254f)

There's 3M "missing CAA checking results" in total, of which 2M are dated from
2020 and 1M from last month. FWIW the only certs of mine affected were old
certs from 2019-12 which had since already been renewed in Feb, and the
renewed certs are not affected?

The largest account has 445k certs revoked, and the most revoked certs from
last month (most likely to still be in active use?) is 43k for a single
account. I hope your rate-limits are in order if you're going to start
reissuing all of those before midnight :/

BTW account number 131 at the top of the file seems to mostly be
akamaiedge.net sites :)

