Upcoming intermediate changes

The change in the new intermediate certificate is that the NameConstraints extension was removed.

In X1 and X2, there was a NameConstraints forbidding the intermediate from issuing for .mil domains. As a simplification for the sake of this post, let’s say this was represented as Deny=.mil. Note that this form has no Allow.

Windows XP has a bug in the certificate verification code, where if no Allow clauses are present, XP assumes that the certificate is valid for no names at all. Any certificate issued under such an intermediate would work on every system except Windows XP, as systems that do not understand NameConstraints at all would ignore it.

Let’s Encrypt Authority X3 is almost the same as Let’s Encrypt Authority X1 - they have the same keypair, it’s just that the NameConstraint has been removed. Same with X4 and X2.

There is no concern about allowing weaker ciphersuites or hash algorithms, because XP SP3 has support for SHA256. Let’s Encrypt has never issued any SHA-1 certificates, and never will.
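To make the two intermediate shapes concrete, here is an added example (not code from the original post or from Let's Encrypt) that uses the `cryptography` package to build an X1-style test intermediate carrying an excluded-only NameConstraints and an X3-style one without it from the same key, then flags the shape that the Windows XP verifier misreads; the names, key and the `.mil` exclusion are constructed test values.

```python
# Added example, not from the post: build two test intermediates sharing one key,
# one with an excluded-only NameConstraints (X1 style) and one without (X3 style),
# then flag the shape Windows XP's verifier misreads. Needs the `cryptography`
# package; every name and key here is a constructed test value.
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID


def make_key():
    return ec.generate_private_key(ec.SECP256R1())


def build_intermediate(key, common_name, excluded_dns=None):
    """Self-signed test CA; with excluded_dns, adds NameConstraints that has
    excludedSubtrees but no permittedSubtrees (the pre-X3 shape)."""
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
               .public_key(key.public_key()).serial_number(x509.random_serial_number())
               .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=365))
               .add_extension(x509.BasicConstraints(ca=True, path_length=0), critical=True))
    if excluded_dns:
        nc = x509.NameConstraints(permitted_subtrees=None,
                                  excluded_subtrees=[x509.DNSName(d) for d in excluded_dns])
        builder = builder.add_extension(nc, critical=True)
    return builder.sign(key, hashes.SHA256())


def name_constraint_summary(cert):
    """{'permitted': [...], 'excluded': [...]} or None when the extension is absent."""
    try:
        nc = cert.extensions.get_extension_for_class(x509.NameConstraints).value
    except x509.ExtensionNotFound:
        return None
    return {"permitted": [n.value for n in (nc.permitted_subtrees or [])],
            "excluded": [n.value for n in (nc.excluded_subtrees or [])]}


def triggers_xp_bug(cert):
    """True for the X1 shape: NameConstraints present but no permittedSubtrees.
    RFC 5280 means 'any name except the excluded ones'; the XP bug in the post
    treats it as 'no names at all', so leaf certs under it fail only on XP."""
    summary = name_constraint_summary(cert)
    return summary is not None and not summary["permitted"]
```

Building both certificates from one `make_key()` result reproduces the post's point that the X3/X4 keypairs are unchanged and only the extension differs.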