@motoko
I remembered, that once our website in past got blocked, it was by the discover of malicious user, who was jealous, and who promised me to block the website. Then they got together and somehow reported it through browser, and it got blocked in Facebook, by using WOT and Google Safebrowsing. There was no download at all on the website, and there was absolutely no virus, or similar. Further, we use only free software any try to minimize Javascript or not use it at all. And 99.99% pages are static HTML.
Google did not give any information why is our website malicious, it was something like “The code could not be isolated” message in the Google console. So there was no proof or evidence that website was malicious.
Google was wrongly accusing us, which is legal issue.
Let’s Encrypt has wrongly accused us, based on Google, which is legal issue.
Instead of being the real ass and going into the court, I am bringing the issue over here. When a website is accused of being malicious, loss of sales may incur, “profit” loss, or damages and other issues that are usually brought to courts. Google Safebrowsing is already considered by some online testimonials to deserve the class action lawsuit.
Let’s Encrypt shall not rely on any third party service.
If the website is rejected for the issuance of the SSL, then the clear information and evidence shall be RECORDED, and kept for future until matter is solved.
I have got the message that website was reported by third party as being malicious, that third party was not identified by cert-bot and inside of the logs, there was no information why the website is malicious.
Once again, your assumption is wrong, incorrect, that Google is “right” and I am not right. There was never and absolutely no evidence within Google console that there was anything malicious. I do not have screenshots to prove.
It seems to me that Google just as WOT and other “watchdog” websites serve the only reason to advertise themselves and their own services.
Let’s Encrypt shall not rely on unreliable third party, to user not identified third party services. It shall be transparent in the process of obtaining or rejecting certificate. cert-bot did not inform me what happened, I found it on this forum.
Other similar incidents:
What if this happens? Is then all SSL issuance in risk?
https://www.en.advertisercommunity.com/t5/Marketing-Your-Business/Google-wrongly-says-website-has-dangerous-links/td-p/791840
https://productforums.google.com/forum/#!topic/chrome/r-9JQIboUmc
https://www.google.com/search?q=wrongly+marked+website+as+malicious&ie=utf-8&oe=utf-8&client=icecat-b#q=google+false+positive+malicious+website