I had _just_ pushed an updated actions workflow, saw that it began to run, and noticed that my entire repository was 404-ing. Not gonna point fingers, but uh, sorry everybody.
A certificate was issued to someone who isn't the domain owner. Just because the CA can't be blamed because the requester was able to spoof domain validation in a way that the CA can't be expected to detect doesn't mean that a good CA isn't interested in what happened and whether it can somehow be prevented in the future.
One obvious possibility could be e.g. sending a notification to the previous ACME account: "hey, a new ACME account request a certificate for your domain".
Following bad leaders leaves a bitter historical taste in my mouth and is rather insensitive to the feelings of those who fell victim to such attrocities.
Hitler was the leader.
The Nazis were the followers.
It shouldn't be hard to connect the dots.
(also, becuse this is the internet a mention of Poe's is mandatory...)