On Android, the root was first added in Nougat (~half of devices according to Android Distribution Dashboard). But I think that browsers (like Firefox and Chrome) on Android tend to bring their own cacerts rather than using the device's, so it's probably not as bad as it looks.
To that end, it was added to NSS 3.26/Firefox 50 (November 2016) and to Chrome 57 (March 2017).
I was eating breakfast with a multitude of Android phones around me and four "older ones" could not access that site. The oldest that could connect was ~5 months old, all using new Mobile Chrome versions.
The reality is, for a bunch of usecases, you're gonna need to support 15 plus year old devices.
So Windows XP...
There are a lot of old systems out there running API's, automation, industrial systems, etc. They never get updates, and are expected to last decades. Most of them aren't on the public internet, but HTTPS would still be a good idea. This change is going to mean a bunch of them just get changed over to having no encryption.
Work for a university. We have a number of students in Africa, southeast Asia, and eastern Europe taking online courses. We do not support Windows XP or Vista, except for in the case of these students. Some of these guys don't have the resources for anything else.
I also know that we get a number of students connecting with Android v3 or earlier from these same locales.
Most industrial devices and even consumer kiosks probably access sites that are under the control of the device's owner or manufacturer. So the sites can just use self-signed certificates in the first place.
Or, for industrial use a hundred bucks on a certificate from an older CA is nothing.
Or, as 'vbezhenar hinted at elsewhere, the operators of the systems can distribute and install the ISRG root certificate to the devices that need them.
> I built an app that's used on thousands of Android devices in an industrial setting
If its that important to you or if its a commercial offering in an 'industrial setting', you should have no problems acquiring a cheap SSL certificate from another source. You can literally get them as low as $6 a year right now.
LE provides a great service and continues to do so. If you want to nitpick, then jump to a 'competitor'.
> If you want to nitpick, then jump to a 'competitor'
Sure, I can solve the problem by switching to a different CA, or by adding the ISRG root cert to each device.
But this is a problem that didn't need to happen. I blame myself for not anticipating it when I selected LE.
And I blame LE for cross-signing with a root cert that expires so soon. Not a good choice for a new CA that will take many years to be trusted on most devices.
So iPhone 4S is out of luck. That's terrible move. Suddenly half of the Internet becomes inaccessible to a perfectly working device. Though I think that user can install new CA certificate, so it's possible to manuall work around that problem.
The iPhone 4S has not received a security update in >2 years, and has >700 known security vulnerabilities, so it is not a "perfectly working device," it's a "probably compromised device."
To that end, it was added to NSS 3.26/Firefox 50 (November 2016) and to Chrome 57 (March 2017).
On iOS, it was first added in iOS 10 (2016).
The root itself was created in June 2015.
Edit: they also have a list on their website - https://letsencrypt.org/docs/certificate-compatibility/#know... . It lists Android < 2.3.6 as being incompatible .. I wonder if that's updated for the non-cross-signed intermediates.