Wow. I’m impressed. Let’s Encrypt by their own declaration and by observed interactions in their community help forums maintains a high value blacklist of domains.
It’s difficult to imagine how that list doesn’t include PayPal but did include mail.ru. Can you repeat that test with, say, microsoft.cologne? Just testing a theory... On Thursday, April 12, 2018, Peter Saint-Andre via dev-security-policy < firstname.lastname@example.org> wrote: > On 4/12/18 9:17 PM, jomo via dev-security-policy wrote: > >> I doubt Let's Encrypt would issue for paypal.any_valid_tld even if CAA > would > >> permit. > > > > https://paypal.cologne :) > > There's nothing like an existence proof to get one's attention. :-) > > Peter > > _______________________________________________ > dev-security-policy mailing list > email@example.com > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list firstname.lastname@example.org https://lists.mozilla.org/listinfo/dev-security-policy