Let’s Encrypt Subscriber Agreement in § 3.3.1 says:
You warrant to ISRG and the public-at-large that You are the legitimate registrant of the Internet domain name that is, or is going to be, the subject of Your Certificate, or that You are the duly authorized agent of such registrant.
What does it legally mean to be the duly authorized agent of a registrant in this context?
Is it enough that subscriber is given by a registrant a sufficient control over the subdomain to successfully complete ACME challenge (as opposed to gaining such control against registrant’s will), or it requires something more?
In the latter case it would seem to imply that Let’s Encrypt certificates couldn’t be used with variety of dynamic DNS services or similar, but I see many people using domains from Afraid’s FreeDNS so I suppose it must be the former. Can someone confirm that?