Richard Barnes confirmed he do not talk is the name of Let’s Encrypt :
So there is two unanswered question:
Referring to the bug tracker entry, where was a recent violation of BR 18.104.22.168. How will ISRG handle that in future?
https://groups.google.com/d/msg/mozilla.dev.security.policy/gKCqWRmBQ_8/R1zGC0etBgAJ from neg...@gmail.com
Could you provide more details of this violation, please?
https://groups.google.com/d/msg/mozilla.dev.security.policy/gKCqWRmBQ_8/pJXpzqKtBgAJ from Richard Barnes.
According to https://wiki.mozilla.org/CA:How_to_apply#Public_discussion :
A representative of the CA whose root inclusion request is being discussed must clearly represent their employer and must promptly respond directly in the discussion thread to all questions that are posted.
josh...@gmail.com and jo...@letsencrypt.org (Is that you, @jsha ?) answered two times in that forum. Probably as a representative of Let’s Encrypt. I believe the use of the @letsencrypt.org should be prefered, to indicate the representation of the CA, or at least add it in the signature of the message. (Which, by the was, was not signed, and groups.google.com truncate emails…)
About the issue mentioned by neg...@gmail.com, I believe it was about that:
https://bugzilla.mozilla.org/show_bug.cgi?id=1204656#c19 (Even if it’s unclear that there was a violation of the BR)