Hello. I’m an user of a service which has SSL certificates yuo emitted and I think it is breking rules of conduct. Can you guide me to the correst site for reporting?
Which rules of conduct?
If you think the content of the website is illegal or otherwise objectionable, report it to the web host, domain registrar, and Google Safe Browsing.
Otherwise,
To report private key compromise, certificate misuse, or other types of fraud, compromise, misuse, inappropriate conduct, or any other matter related to certificates, please email cert-prob-reports@letsencrypt.org.
3 Likes
If you have a suspected phishing or malware site, your best course of action is to report it to google safe browing, among others. (This is a good site to get started http://gotphish.com)
Let’s Encrypt only revokes certificates if the private key is compromised, the certificate is mis-issued, or they are prohibited from issuing by United States law.
2 Likes
Meanwhile, if you’re talking about this:
https://community.letsencrypt.org/guidelines
(which is the only thing I could find that uses the phrase “code of conduct” with respect to Let’s Encrypt), note that it applies to users of this forum and code contributors, not to people or websites who happen to be using a Let’s Encrypt certificate. So if a holder of a cert harasses on the basis of body type (to pick something mostly at random from that page), on their own site, that doesn’t violate LE’s code of conduct. If they do it here, it does.
But if it’s a matter of a cert holder behaving inappropriately (however you may define “inappropriately”), see:
6 Likes