What's
lencr
org
Lencr.org
is a domain name owned by Let's
Encrypt: We use it to host data that is referenced inside the certificates we
issue_
Why is my computer fetching this data? Is it malicious?
No, the data on
lencr
org
is never malicious. When
device connects to
lencr
org
it's because client software on that
device (like a web browser or an app) connected to another site, saw a Lets Encrypt certificate, and is trying to verify that its
valid. This is routine for many clients.
We cant speak to whether the other site being connected to is malicious: If youre investigating network activity that seems
unusual, then you may want to focus on the connection that started just before the connection to
lencr.org
pattern of clients' connections to lencr
org  might Iook unusual or intermittent: Clients might never retrieve this data;
only retrieve subsets of it; or
'cache" some data for efficiency, so theyll only access it sometimes (the first time
need it,
and when the data may have expired)
What exactly is this data for?
When client software (like
web browser or an app) connects to
site, and that site presents
certificate, the client should
verify that the certificate is authentic and valid. This data helps clients do that in severa
ways
Under
lencr
org
we
provide Online Certificate Status Protocol (OCSP) data_
A client
use this data to confirm
whether an individual unexpired certificate that we issued is still valid, or was revoked. (This is only for "end-entity" or
"Ieaf" certificates, which we've issued to subscribers from one of our intermediate certificates:)
Under
lencr
org
we
provide Certificate Revocation Lists (CRLs) listing all the unexpired certificates that we issued
and later revoked: (This is only for our intermediate certificates, which we've issued from one of our root
certificates; not
for certificates that we've issued to subscribers:) A client
use this data to verify that our intermediate certificate, which
issued the end-entity certificate its verifying; has not been revoked.
Under i.Lencr.org
we
provide copies of our intermediate "issuer" certificates, which are either signed by one of our
The
they
may
may