Comment 9 for bug 2018252

Alex Gaynor (alex-gaynor) wrote :

You're right, I think the user story will make things clearer:

Users on impacted versions of Ubuntu use certbot to generate CSRs (which are invalid), which are then processed by an ACME server that enforces version validity, and therefore rejects them.

While there are no public CAs that do this enforcement, we (the pyca/cryptography maintainers) have received several reports of private CAs with internal customers running impacted versions of certbot.
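An added example, not part of the comment above and not code from certbot or pyca/cryptography: a standard-library check of the kind a version-enforcing server or a pre-submission test could run, reading the version INTEGER from a CSR's CertificationRequestInfo and accepting only 0, the single value RFC 2986 defines. The function names and the sample bytes are constructed for illustration; the samples are unsigned DER skeletons, not real CSRs.

```python
import base64

def load_der(data: bytes) -> bytes:
    """Accept a PEM or DER encoded CSR and return the DER bytes."""
    if data.lstrip().startswith(b"-----BEGIN"):
        lines = [ln.strip() for ln in data.splitlines()]
        body = b"".join(ln for ln in lines if ln and not ln.startswith(b"-----"))
        data = base64.b64decode(body)
    return data

def read_tlv(buf: bytes, pos: int = 0):
    """Parse one DER tag-length-value at pos; return (tag, value bytes)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form length, up to 4 octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length]

def csr_version(data: bytes) -> int:
    """Return the version field of CertificationRequestInfo."""
    tag, csr = read_tlv(load_der(data))   # CertificationRequest SEQUENCE
    if tag != 0x30:
        raise ValueError("CSR is not a SEQUENCE")
    tag, info = read_tlv(csr)             # CertificationRequestInfo SEQUENCE
    if tag != 0x30:
        raise ValueError("CertificationRequestInfo is not a SEQUENCE")
    tag, ver = read_tlv(info)             # version INTEGER comes first
    if tag != 0x02 or not ver:
        raise ValueError("missing version INTEGER")
    return int.from_bytes(ver, "big", signed=True)

def version_is_valid(data: bytes) -> bool:
    """RFC 2986 defines only version 0 (v1); anything else is rejected."""
    return csr_version(data) == 0

def _skeleton(version: int) -> bytes:
    """Constructed sample: version plus an empty subject, nothing else."""
    info = bytes([0x02, 0x01, version, 0x30, 0x00])
    info = bytes([0x30, len(info)]) + info
    return bytes([0x30, len(info)]) + info
```

`csr_version` accepts the bytes of a PEM or DER file, so it can be pointed at a generated CSR before it is submitted.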