After reading cloudflare’s proposal for CAs,

(https://cabforum.org/pipermail/public/attachments/20151218/1bf5ecbe/attachment-0001.pdf)

I would like to know if Letsencrypt will consider applying the following policy:

If the Certificate asserts the Policy Identifier of 2.23.140.1.2.99, then the CA MUST

generate non-sequential Certificate serial numbers that exhibit at least 20 bits of entropy.

This provides a way to make it more computationally expensive for an attacker to forge a digital certificate using SHA-1.