> A lot of things, but probably not enough things for a certificate authority that has to support pretty much everything in widespread use to use.
TLS 1.3 is - in browser-centric scenarios - about 50% of clients today. Put another way: at least half of the internet does not support TLS 1.3, and that is larger still if you are in the embedded, large enterprise or similar spaces.
It will take a while to close out that last 50%, and I do not blame Let’s Encrypt for taking the clearly practical approach here (by far).
TLS 1.3 is - in browser-centric scenarios - about 50% of clients today. Put another way: at least half of the internet does not support TLS 1.3, and that is larger still if you are in the embedded, large enterprise or similar spaces.
It will take a while to close out that last 50%, and I do not blame Let’s Encrypt for taking the clearly practical approach here (by far).