Hi @tdelmas! Thanks for raising this, and sorry it’s taken a couple of days to reply. Your detailed analysis of the properties various web clients is especially cool and informative.
We’ve definitely thought about the possibility of an official Let’s Encrypt web-based client to decrease the risks involved in people trusting third parties to perform domain validation for them. But our feeling so far has been that it would be a moderate amount of work that takes away from other things we want to do, and that it doesn’t further our goals of making HTTPS easier for everyone.
I think in most “emergency” cases, the availability of a web based client doesn’t actually mitigate them very much. For instance, in the “husband died” thread (thanks for pointing that out, I’d missed it), the main stumbling block was not actually getting the certificate, but finding the SSH keys to log in to the server. Similarly, in the cases you mentioned where your hosting provider blocked your account or went bankrupt, you would have the bigger problem that your site is not hosted anywhere, making it hard to perform domain validation or upload a certificate once you did. The next step would be to pick a new hosting provider, and if HTTPS is important to you, presumably you would choose the next provider with an eye towards automated HTTPS support.