301
Say (an encrypted) hello to a more private internet. | The Mozilla Blog
(blog.mozilla.org)
A place to discuss the news and latest developments on the open-source browser Firefox
This should also be done for CA keys. If ACME can make DNS ownership the source of trust, just let me stuff my own root CA cert in a DNS record and skip the middle man.