The Let’s Encrypt project has made
real strides in helping to ensure that every web site can use the encrypted
HTTPS protocol; it has provided TLS certificates at no charge that are
accepted by most or all web browsers. Free certificates accepted by the
browsers are something that was difficult to find
prior to the advent of the project in 2014; as of the end of February, the
project has issued
over a billion certificates. But a bug that was recently
found in the handling of Certificate Authority
Authorization (CAA) by the project put roughly 2.6% of the active
certificates—roughly three million—at risk of immediate revocation. As might be
expected, that caused a bit of panic in some quarters, but it turned out
that the worst outcome was largely averted.

Source: LWN.net – [$] The Let’s Encrypt certificate revocation scare