1) Let's Encrypt are based in the United States and are already forbidden from issuing domains to certain people[0] due to US law.
2) Having a separate production implementation of an ACME-compliant system would help make sure that the protocol is as robust as it can be
[0] Notably Iran and Syria - several certificates issued for gov.[ir|sy] had to be revoked after they slipped past their blocklist: https://community.letsencrypt.org/t/blocklist-incident-novem...
https://crt.sh/?Identity=%25.sy&iCAID=16418 https://crt.sh/?Identity=%25.cu&iCAID=16418 https://crt.sh/?Identity=%25.sd&iCAID=16418 https://crt.sh/?Identity=%25.ir&iCAID=16418
1) Let's Encrypt are based in the United States and are already forbidden from issuing domains to certain people[0] due to US law.
2) Having a separate production implementation of an ACME-compliant system would help make sure that the protocol is as robust as it can be
[0] Notably Iran and Syria - several certificates issued for gov.[ir|sy] had to be revoked after they slipped past their blocklist: https://community.letsencrypt.org/t/blocklist-incident-novem...