Let's Encrypt is adding two new remote perspectives for domain validation

Let's Encrypt is adding two new remote perspectives for domain validation. This change is motivated by the fact that increased perspectives provide more domain validation security. Increasing the number and coverage of our domain validation perspectives improves visibility and protection against BGP attacks.

During domain validation, this means that we will make 5 total validation requests, 1 from the primary datacenter and 4 from remote perspectives (previously 2). For validation to succeed, the primary server and a quorum of remote perspectives must receive the correct challenge response. This makes it more difficult for attackers to hijack validation requests. To learn more about multi-perspective domain validation, please see our earlier blog post when Let's Encrypt first added new perspectives.

We expect little to no impact to users. Let's Encrypt will begin performing domain validation with the new regions in staging next week on Wednesday, March 6. Assuming all goes well, we will roll out to production the following week. Updates will be posted in this thread.

18 Likes
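
The quorum rule described in the post above, as an added example that is not part of the thread and is not Let's Encrypt's code: it enumerates which sets of captured vantage points would still pass validation with 2 and with 4 remote perspectives. The post does not give the quorum size, so the tolerance of one disagreeing remote (`ASSUMED_MAX_REMOTE_FAILURES`) and all function names are assumptions.

```python
from itertools import combinations

# Assumption: the post says "a quorum" without a number, so the count of
# remote perspectives allowed to disagree is a parameter, not a stated fact.
ASSUMED_MAX_REMOTE_FAILURES = 1


def validation_succeeds(primary_ok, remote_ok,
                        max_remote_failures=ASSUMED_MAX_REMOTE_FAILURES):
    """Primary must see the correct challenge response, plus a quorum of remotes."""
    if not primary_ok:
        return False
    failures = sum(1 for ok in remote_ok if not ok)
    return failures <= max_remote_failures


def hijack_footprints_that_pass(n_remotes,
                                max_remote_failures=ASSUMED_MAX_REMOTE_FAILURES):
    """Model every set of vantage points a route hijack could capture.

    A captured vantage point is routed to the wrong host and sees a response
    that looks correct; an uncaptured one reaches the real host and does not.
    Returns (passing_footprints, total_footprints, smallest_passing_size).
    """
    points = ["primary"] + [f"remote-{i}" for i in range(1, n_remotes + 1)]
    passing, total, smallest = 0, 0, None
    for size in range(len(points) + 1):          # ascending, so first hit is smallest
        for captured in combinations(points, size):
            total += 1
            remote_ok = [p in captured for p in points[1:]]
            if validation_succeeds("primary" in captured, remote_ok,
                                   max_remote_failures):
                passing += 1
                if smallest is None:
                    smallest = size
    return passing, total, smallest


if __name__ == "__main__":
    for n in (2, 4):  # remote perspectives before and after the change
        passing, total, smallest = hijack_footprints_that_pass(n)
        print(f"{n} remotes: {passing}/{total} hijack footprints pass; "
              f"at least {smallest} vantage points must be captured")
```

Under the assumed tolerance, the share of footprints that pass drops and the minimum number of vantage points that must be misrouted at once rises when going from 2 to 4 remotes.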

Let's Encrypt is now validating from 4 remote perspectives in staging.

14 Likes

Let's Encrypt is now validating from 4 remote perspectives in prod.

13 Likes