Iran is blocking internet for months, US ...bans creation of secure connections - that'll show 'em!
Russian quasi-government structures are spending quadrillion of rubles on a TSPU (censorship system) to spy on Russian residents, US ...helps them by making snooping on what is currently encrypted traffic possible by banning accessible encryption!
Let's Encrypt certificates continue to be available in both Iran and Russia, just not for the Iranian and Russian governments.
The terms of service update to clarify what we have always done, comply with relevant law, has not changed the situation for either country.
> Let's Encrypt certificates continue to be available in both Iran and Russia, just not for the Iranian and Russian governments.
According to https://news.ycombinator.com/item?id=48457280 it affects all people ordinarily resident in those territories, not just their governments:
> You are not a person or entity that is:
> (a) located in, organized under the laws of, or ordinarily resident in any country or territory that is the target of comprehensive U.S. sanctions;
> [other 'or' conditions]
Sanctions compliance is unfortunately fairly complex.
Let's Encrypt can issue certificates for non-government entities in Iran and Russia due to statutory exemptions protecting personal communications, alongside specific Office of Foreign Assets Control (OFAC) authorizations designed to promote Internet freedom and human rights.
We will look into whether we can make things more easily understandable in the subscriber agreement.
> You are not a person or entity that is: (a) located in, organized under the laws of, or ordinarily resident in any country or territory that is the target of comprehensive U.S. sanctions
Seems to be pretty clear that it would include non-government entities in sanctioned countries.
I wonder what "ordinarily resident" means legally. Like has a permanent address there, even if they don't live there physically..?
Yes. If you are, for example, even a US citizen, permanently living in Crimea, you are still subject to limitations, imposed by sanctions.
I'm not sure if you're talking generally about sanctions or specifically about Let's Encrypt, but to avoid any doubt: citizens of Crimea are free to use Let's Encrypt. We do not, however, serve government entities in occupied Crimea.
you should update the documents to reflect this stance.
"You are not a person or entity that is: (a) located in, organized under the laws of, or ordinarily resident in any country or territory that is the target of comprehensive U.S. sanctions; "
this says nothing (edit: specific) about government (edit: only), and is applicable to normal people in those areas.
A government falls under "entity". So it's about normal people AND governments (and other entities).
Still needs updating if it's supposed to only apply to governments, though.
[Iranian here] Completely agreed. Reminds me of how US banned citizens and businesses in Iran from using cloud infrastructure like AWS or digital ocean, leading to people and businesses moving to the government-sponsored local cloud services, and that made it super easy for the government to block internet access whenever they want without essential services like banking, ecommerce, online taxi booking, food delivery etc being disrupted.
TSPU isn't for spying, it's for censorship enforcement and everything else that makes the experience of using the internet here miserable without a VPN. It's SORM that's for spying. And Roskomnadzor is very much part of the government.
wait until you find out about Facebook!