On 22/02/17 17:08, Richard Wang wrote: > I think "apple-id-2.com" is a high risk domain that must be blocked to issue > DV SSL to those domains.
I don't represent Let's Encrypt, but their policy on such things is relevant to this discussion, and it is here: https://letsencrypt.org/2015/10/29/phishing-and-malware.html Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy