Checking me emails from letsencrypt this is the first I’ve heard about this TLS-SNI-01 deprecation. I’m all for it but it wish I had gotten a little earlier notice.
It’s mentioned this was decided and posted about a year ago but checking my email history I see nothing.
Did I miss some email that was sent out before or was it just posted in some blog post?
If it was never sent out via email a year ago please please PLEASE, next time you plan to deprecate something send out notifications earlier. As it is this notification seems like a “drop everything you planned to do” and fix all your sites immediately.
Also it sure would have been nice to know which sites. I didn’t implement the authentication, I’m using 3rd party libraries so I have no clue if I have to update some or all sites. Of course I can figure that out but you sent the mail only if one of my domains has this issue so you knew the domains. Would there have been any harm in telling me which ones they are?
Expecting tens of thousands of developers to monitor a blog is not a very good way to run such an important service as letsencrypt.
If they can send out notifications to everyone they are breaking millions of websites in 3 weeks they can just as easily send out notifications earlier
Yep, I acknowledge that we should have sent out notifications earlier, and we intended to. We had a number of delays extracting the list of affected users and trying to make sure there was a clear upgrade path for Certbot users, and we let it get later than we should have. My apologies.