OFAC/SDN check codebase?

I was wondering if there’s any code open source for how Let’s Encrypt checks the Office of Foreign Asset Control (OFAC) / Specially Designated Nationals lists? I looked through boulder, but was unable to find anything.

Thanks!

I have no official information.

Having said that, their commentary on these forums previously strongly suggests that they deal with OFAC SDN matters on a case by case basis once an accusation that they’ve transacted with a listed party has been brought to their attention. Presumably they then investigate and if they concur, they revoke the certificates issued and, I assume, add the tainted domain name to their blacklist.

Is there anyone at LE who can comment on this? I’d like to better understand the practice as well.

4 Likes

Your description of what happens is correct, @mdhardeman.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.