Package: python3-acme Version: 0.28.0-1~deb9u1 The python*-acme packages will no longer work with Let’s Encrypt’s “ACMEv2” endpoint which is their RFC 8555 compliant endpoint starting November 1st. See https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380 for more details about this change.
This change will make the python*-acme packages unusable with this endpoint which will break any software using the library for this purpose. The impact of this which will affect the most users is probably the impact on Certbot where the client will no longer be able to obtain new certificates with the default ACME server (which almost everyone uses). This would mean that the TLS certificates currently being automatically renewed by Certbot on Debian Stretch will expire causing TLS failures. As one of the upstream maintainers of this library, I would recommend backporting the python*-acme packages from Debian Buster to Stretch to fix this problem as these packages have been well tested and there are no breaking API changes between versions.