We’re going to delay the transition to ISRG’s root a little further, to September 29 2020 (we were planning on July 8 until recently). The patterns of Android adoption have not significantly improved since last year. According to numbers from Android Studio, only 66% of Android users are on version 7.1 or above, which includes ISRG’s root. Android 7.1 was released in August 2016. Most of the devices stuck on older versions of Android do not receive updates from their manufacturers.
Currently Let’s Encrypt certificates are trusted on older devices by virtue of our cross-signature from IdenTrust’s DST Root X3. That cross-signature expires March 17 2021. We plan to generate new intermediate certificates and get cross-signatures on them, but those cross-signatures will only be good until September 30 2021 at the latest. That’s when DST Root X3 itself expires.
After September 30 2021, Let’s Encrypt certificates won’t work on Android devices older than 7.1. So why not wait until then to change which root we recommend chaining to? We don’t expect the Android situation to change much in the coming year, which means sites that need support for older Android devices may need to switch CAs. We’d like to give those sites plenty of time to transition. But some of those sites probably won’t be aware of the need to transition until they start receiving reports of errors from their users. In 2020, the fix for such errors will be simple: The site can change which intermediate it serves in its certificate chain, and everything will work fine for another year. However, if a site doesn’t receive error reports until September 2021, it would be stuck with no quick fix and needing to change CAs entirely during an outage. That’s not good for anyone.
In the time between now and September 29 we plan to start serving certificates with the “alternate” link relation to allow ACME clients to programmatically select a chain they prefer. Big thanks to community member @_az for implementing this feature in Boulder. Also during this time we will be issuing new certificates, including new intermediates to be cross-signed.