What will happen when LE reaches critical mass acceptance?
If (almost) every domain includes the same CA: issue: letsencrypt.org issuewild: letsencrypt.org
What good would using CAA do?
Should it be broken down into smaller blocks?
By country? issue: us.letsencrypt.org issue: de.letsencrypt.org
By intermediaries? issue: int15.letsencrypt.org issue: int44.letsencrypt.org
I’ve heard that not everyone in the CA/Browser Forum is in complete agreement about the right way to do that, but hopefully if the IETF process reaches a consensus, the CA/B Forum will be OK with that consensus too.