I'm talking about someone from a restricted country using a undocumented domain name to obtain a Let's Encrypt certificate and there is nothing that can be done about it. We can't predict the future.
Thank you, Burton On Thu, Mar 7, 2019 at 5:23 PM Matthew Hardeman <mharde...@gmail.com> wrote: > > On Thu, Mar 7, 2019 at 11:11 AM James Burton <j...@0.me.uk> wrote: > >> Let's be realistic, anyone can obtain a domain validated certificate from >> Let's Encrypt and there is nothing really we can do to prevent this from >> happening. Methods exist. >> > > I am continuing to engage in this tangent only in as far as it illustrates > the kinds of geopolitical issues that already taint this space and in as > much as that, I believe has some relevance for the larger conversation. > Now that I've said that, please, by all means, if I'm wrong about the > referenced assertion that I've posted, reach out to the usareally.com > people and help them get a Let's Encrypt certificate. Good luck with that. > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
