Hi @sqrtroot,
As far as I'm aware @jsha's response on that thread is still the status quo:
under current BRs, a name constrained subordinate has to meet all the same requirements an unconstrained subordinate does, which means secured storage and audits. It would be quite a lot of work and expense!
It is not something Let's Encrypt is able to pursue in the short to medium term.