Some. About four years or so ago, it was discovered the cryptography they were using to sign websites was not as secure as they thought. They set about creating the rollout of a plan to increase the security of those encryption certificates so that when you connect to a HTTPS (secure) website, it actually IS secure. . . and they were supposed to have it done originally by 2016, but it hasn't been done yet.
There will be a public key which allows us USERS and everyone who needs to decrypt the portion of the certificate we need to see, and an owners'/issuer's key. . . that is the portion that assures the certificate of security is authentic. . . at least until some bad guys figure out how to spoof them. . . which should take a long time.
Evidently, they are FINALLY rolling the change over out this past weekend and making the new certificates available so we can be assured that when we connect to our banks, use a credit card on line, etc., it truly IS secure once the private keys are in place. It SHOULD be transparent to all of us users, although I expect to see some "The certificate for this website is expired or outdated" alerts.
Thank you, FRiend. Your input really helped flesh out this thread.
Now we know ICANN’s tacit reasoning [even though they no longer stand for free speech].