Let’s Encrypt delays certificates revocation

The Let’s Encrypt free Certification Authority has decided to delay the revocation of 2.7 million possible vulnerable certificates that were incorrectly issued due to a bug.

The initial deadline was the 4th of March, however due to the fact that only 1.7 million certificates were renewed they’ve decided to push the deadline further.

A new deadline was not announced, Let’s Encrypt claiming certificates will be revoked as they are renewed. Given the fact that their certificates are only valid for 3 months, the decision to “not break the internet” was obvious.