On Thu, Mar 7, 2019 at 10:54 AM James Burton <[email protected]> wrote: > Let's Encrypt issues domain validation certificates and anyone with a > suitable domain name (e.g. .com, .net, .org .... ) can get one of these > certificates just by proving control over the domain by using the DNS or " > /.well-known/pki-validation" directory as stated in the CAB Forum baseline > requirements. Country location doesn't matter. >
I'm sorry, but that is inaccurate. There are literally banned subscribers. Let's Encrypt has publicly and officially acknowledged this[1]. [1] https://community.letsencrypt.org/t/according-to-mcclatchydc-com-lets-encrypt-revoqued-and-banned-usareally-com/81517/10?u=mdhardeman _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
