Mentioning challenge type in subject OU

Has anyone among LE staff ever thought about mentioning the challenge type in organizationalUnitName?

For me the main point is how much trust to put. During private beta, I obtained my first LE cert for a domain that I don’t even own. The DVSNI challenge succeeded by having control over the server which is specified in the DNS A-record.

It would be impossible to pass the DNS TXT challenge, so it can be considered a security enhancement, and I wonder why this wasn’t a priority before public beta.

I’m not sure if the Baseline Requirements allow CAs to put anything in the OU field for domain-validated certificates.

For end users, this won’t really be relevant - no one’s going to check that field manually.

If someone delegated control over a domain to you, it should be expected that you’re able to acquire a certificate for that domain. This is in line with other CAs’ practices. Legal ownership of the domain isn’t a factor here, IMO.