I would simply like to state that my views, and the views of Let's Encrypt, are closely aligned with those already expressed here by Peter Bowen and Eric Mill.
I will add, since I don't think it has been made clear enough here already, that violations of a CA's subscriber agreement can and should be considered fraud and abuse, in addition to the other general definitions given here. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
