*** Jonathan Lane [2021-08-04 18:54]:
>I disgree with your modeling of the threat environment.  If a government
>agency is going to interfere with a TLS CA like Let's Encrypt, the
>threat posed by that is that they can silently MITM a website like
>NNCPGo.org.  They can do that right now anyways due to plaintext HTTP.

Forget to note that by using Let's Encrypt I explicitly allow only
(hopefully!) US/NATO to MitM the traffic. And the main question for me:
why would I want to do that? Why US? Why not China or my native country
special forces? So the choice is: either I allow only US to MitM my
website, or allow everyone to do so. This is easy choice for me.
Actually I am allowing to do more comfortable certificate pinning,
because of 1-year certificates, and authenticating with my
OpenPGP-signed trust anchor. Also all certificate hashes are kept inside
CAA DNS records on the DNSCurve servers, which public keys are also
signed with my OpenPGP one.

-- 
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263  6422 AE1A 8109 E498 57EF