So someone on Mozilla's dev-security-policy mailing list said "I doubt Let's Encrypt would issue for paypal.any_valid_tld".

I saw that the domain was available for 13€, purchased it, instantly got a certificate and now is a thing.

* Domain was just taken down by the registrar because I registered it using a bogus address ¯\_(ツ)_/¯

However, the issued certificate can be seen here:

@Sir_Boops Oh, that just happened. I may or may not have registered it using a bogus address.

@jomo your domain will be yanked soon as soon as PayPal notices due to wipo

@gme Does the UDRP process apply when the domain name is not used in bad faith?

@gme @jomo You can add to your /etc/hosts and the certificate should still be valid.

@jomo @gme its just a cool place for pals to pay each other cologne, where's the bad faith?

You can use my address if you want to bring the site back up

@alfred @gme Thanks. Account is already closed and the domain purged. Already served its purpose, too.

Probably going to use an existing address from next time instead of random bullshit.

@jomo I don’t think the problem is let’s encrypt there, as you’re not supposed to register domains that are reserved by a trademark. (at least for some TLDs I know that it’s the case).

@lanodan exactly. I did this to proof them wrong.

@lanodan @jomo Let's Encrypt's blacklist started off with Alexa top 1000. That included too many "non-dangerous" domains but didn't include some "dangerous" ones outside the top 1000. They then handpicked domains out of the top 1000 and wildcarded the TLD for some international domains. That caused issues, especially with two and three letter domains that weren't owned by the banks they were blacklisted for. Now they include TLDs registered by the same corp, which is the best method IMO.

@jomo good reminder that LE is only a DV provider. They don't do EV, in which case you couldn't get a EV validated cert issued to "Paypal Inc." or similar

Sign in to participate in the conversation

Fast, secure and up-to-date instance, welcoming everyone around the world. Join us! 🌍
Up since 04/04/2017. ✅

Why should you sign up on

This instance is not focused on any theme or subject, feel free to talk about whatever you want. Although the main language is english, we accept every single language and country.

We're connected to the whole OStatus/ActivityPub fediverse and we do not block any foreign instance nor user.

We do have rules, but the goal is to have responsible users. So far we haven't had any issue with moderation

The instance uses a powerful server to ensure speed and stability, and it has good uptime. We follow state-of-the-art security practices.

Also, we have over 300 custom emojis to unleash your meming potential!

Looking for a Kpop themed instance? Try