← Internet Security Research Group cases
Bugzilla #1795483 Certificate Problem Report

Let's Encrypt: Delayed revocation for removed gTLD

RESOLVED FIXED Internet Security Research Group
AI Summary

Let's Encrypt identified a failure to revoke three certificates within the required five-day period after the removal of the `.cancerresearch` gTLD from the ICANN registry. This oversight was discovered during an investigation into another gTLD, leading to the revocation of the affected certificates. The incident was documented, and remediation steps were taken to prevent future occurrences, including updates to internal processes and alert systems. The issue has been resolved, and Let's Encrypt has committed to monitoring for any further questions or comments.

Model: gpt-4o-mini Generated: 2026-06-13 21:17 UTC Confidence: 1.00
Chronology
  1. The `.cancerresearch` gTLD is removed from the root zone.
  2. The 5-day window for revoking `.cancerresearch` certificates closes.
  3. Incident report summary posted.
  4. Remediation items completed.
Participants
James Renken B. Wilson
External References
Original Bugzilla Case github.com www.icann.org crt.sh crt.sh crt.sh
Similar Local Cases
#1921573 RESOLVED Certificate Problem Report Opened 2024-09-27 · Closed 2024-11-06 · 56% similar
Let's Encrypt: No Meaningful Subject Distinguished Name
AI Summary CA Owner
#1625322 RESOLVED Certificate Problem Report Opened 2020-03-26 · Closed 2023-02-22 · 55% similar
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours
AI Summary CA Owner
#1715672 RESOLVED Certificate Problem Report Opened 2021-06-10 · Closed 2023-02-22 · 53% similar
Let's Encrypt: Failure to revoke for Certificate Lifetime Incident
AI Summary CA Owner
#1753123 RESOLVED Certificate Problem Report Opened 2022-02-01 · Closed 2023-01-04 · 53% similar
Let's Encrypt: Failure to provide OCSP Responses for some certificates
AI Summary CA Owner
#1954861 RESOLVED Certificate Problem Report Opened 2025-03-18 · Closed 2025-04-09 · 52% similar
Let's Encrypt: Early CRL Removal Incident
AI Summary CA Owner
#1666047 RESOLVED Certificate Problem Report Opened 2020-09-18 · Closed 2023-02-22 · 52% similar
Let's Encrypt: 302 total OCSP responses available beyond acceptable timelines
AI Summary CA Owner
#1645276 RESOLVED Certificate Problem Report Opened 2020-06-12 · Closed 2023-02-22 · 52% similar
Let's Encrypt: Expired ISRG Root OCSP X1 Certificate
AI Summary CA Owner
#1955721 RESOLVED Certificate Problem Report Opened 2025-03-21 · Closed 2025-06-10 · 51% similar
Let's Encrypt: Failure to Document Analysis of Detected Vulnerabilities
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action