Not cross-sign, but just a leaf cert for transition.letsencrypt.org
if we left it as is user who will need this be able to see page will just see certificate error. I think we should host some transition page. While chrome's own root store will make certificate download error-free, it's just 2 mouths left, so I don't expect chromium will move to own root store in time.
1 Like
I'm not sure what transistion you are looking to be conveyed on that page, can you please elaborate?
We have a blog post about our upcoming root transistion:
And corresponding information in the API announcements:
If this is a transistion to new intermediates, we have this blog post
with more information about the certificates here:
1 Like
But as those page use LE cert, thoses who visit after root change will just see cert error
1 Like
Sounds like a classic catch-22.
You would know why you're seeing an error on this page now if you had read this page before the error was shown.
Put another way:
You need to read the unreadable page to know why it's unreadable.
2 Likes
Which browsers do you believe won't be able to reach the page? ISRG Root X1 is in all the major browsers. It's not in Windows 10 20H1, from what I can tell, but that's very different from suggesting everyone visiting the site will receive a certificate error when it goes live.
1 Like
Any android before 7.1.1
1 Like
The problem exists if there will be a significant quantity of people who will be affected. I don't think the disenfranchised will be too concerned about the general experience. 
2 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.