I agree with the concerns about updating python3-cryptography in jessie. If we can’t update jessie, I’d ideally love to see the packages in jessie-backports updated. Despite the announcement that jessie-backports was discontinued ~6 months ago, tens of thousands of users and many more domains continue to rely on these packages as I wrote earlier in this thread. It would be great if a simple package upgrade was all they needed to do to prevent their TLS configurations from breaking.
With that said, I am not deeply familiar with the processes here and I am unsure how painful this would be to do. Brad > On Feb 11, 2019, at 2:28 AM, Ian Campbell <i...@debian.org> wrote: > > On Mon, 2019-02-11 at 12:06 +0200, Adrian Bunk wrote: >> certbot is not in jessie, so nothing to fix/update there. > > Oh, I hadn't realised that bit, thanks for clarifying. > > I have no advice/suggestions then. > > Ian. > >