Hi, does LE apply any sort of restriction to requestors from given countries (namely Russia, Belarus, Syria...)? I am not referring to given extensions of the domains, but on requestors (such as public entities or Companies from those countries). How is it performed? Thanks
Let's Encrypt won't/can't issue to entities on the US "Specially Designated Nationals list". That's about it for "political"-type reasons that I'm aware of, though there are other restrictions for high-value/high-popularity domains that they have blocked unless the owner specifically talks to them about it.
There is also a rule that governments of particular sanctioned countries can't get Let's Encrypt certificates.
(That's different from the SDN list.)
Adding to what @petercooperjr and @schoen said above:
IIRC, LetsEncrypt - and many other technology providers - use a third party service to match domains/accounts against the sanctioned lists mentioned above. Those services have resulted in both false positives and false negatives in the past.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.