Let’s Encrypt initially issued for some .in-addr.arpa domains because we hadn’t explicitly blocked it. However, when we later looked at the purpose of the .in-addr.arpa domain, we concluded that issuing TLS certificates for that domain is not in the spirit of the RFCs defining it. You can see the details at https://github.com/letsencrypt/boulder/pull/2279.
3 Likes