← Internet Security Research Group cases
Bugzilla #1966515 Certificate Problem Report

Let's Encrypt: Issuance for Invalid Internationalized Domain Name

RESOLVED INVALID Internet Security Research Group
AI Summary

This case discusses the issuance of a certificate by Let's Encrypt that contained an Internationalized Domain Name (IDN) with a disallowed Unicode character (U+200E, LEFT-TO-RIGHT MARK). While the certificate technically complies with the Baseline Requirements due to an exception allowing certain Punycode representations, it raises significant concerns regarding user safety and potential domain spoofing. The discussion concluded that the issuance does not violate any current policies, but it highlights the need for clearer guidelines to prevent misuse of such characters in domain names.

Model: gpt-4o-mini Generated: 2026-06-13 21:19 UTC Confidence: 0.90
Chronology
  1. Preliminary report filed by Let's Encrypt.
  2. Community discussion on the compliance of the certificate.
  3. Support for closing the bug as INVALID expressed by Chrome Root Program.
  4. Mozilla expresses concerns about user safety and trust.
  5. Final call for comments before closure.
Participants
Aaron Gable Dimitris Zacharopoulos Chrome Root Program Mozilla
External References
Original Bugzilla Case crt.sh datatracker.ietf.org github.com
Similar Local Cases
#1838667 RESOLVED Certificate Problem Report Opened 2023-06-15 · Closed 2023-07-05 · 56% similar
Let's Encrypt: Duplicate Serial Numbers
AI Summary CA Owner
#1715672 RESOLVED Certificate Problem Report Opened 2021-06-10 · Closed 2023-02-22 · 55% similar
Let's Encrypt: Failure to revoke for Certificate Lifetime Incident
AI Summary CA Owner
#1729567 RESOLVED Certificate Problem Report Opened 2021-09-07 · Closed 2023-02-22 · 55% similar
Let's Encrypt: Delay updating OCSP responses
AI Summary CA Owner
#1753123 RESOLVED Certificate Problem Report Opened 2022-02-01 · Closed 2023-01-04 · 55% similar
Let's Encrypt: Failure to provide OCSP Responses for some certificates
AI Summary CA Owner
#1955721 RESOLVED Certificate Problem Report Opened 2025-03-21 · Closed 2025-06-10 · 55% similar
Let's Encrypt: Failure to Document Analysis of Detected Vulnerabilities
AI Summary CA Owner
#1751984 RESOLVED Certificate Problem Report Opened 2022-01-25 · Closed 2023-02-22 · 54% similar
Let's Encrypt: TLS Using ALPN TLS Version and OID
AI Summary CA Owner
#1793114 RESOLVED Certificate Problem Report Opened 2022-09-30 · Closed 2023-02-22 · 54% similar
Let's Encrypt: Incomplete and Inconsistent CRLs
AI Summary CA Owner
#1886876 RESOLVED Certificate Problem Report Opened 2024-03-21 · Closed 2024-04-17 · 54% similar
Let's Encrypt: keyCompromise key blocking deviation from CP/CPS
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action