Hacker News
by theoctopus 2972 days ago
crt.sh reports it was revoked on the 26th: https://crt.sh/?id=274083328

    Issuer: COMODO

That figures. When will we stop giving money to those scumbags? Trying to register the Let's Encrypt trademark was enough for me to never give them a cent again.

I doubt they just went out and did it randomly. I'd guess it was done via court order. The ACS got a court order against them that also ordered that 'internet search engines, web hosting sites, internet service providers (ISPs), domain name registrars and domain name registries cease facilitating “any or all domain names and websites through which Defendant Sci-Hub engages in unlawful access to, use, reproduction, and distribution of the ACS Marks or ACS's Copyrighted Works.”' (https://www.sciencemag.org/news/2017/11/court-demands-search...)

Alternatively, Microsoft might have had something to do with it (they're super anti-piracy, and have a contract with all the CAs that requires them to unilaterally revoke any cert at Microsoft's discretion), but I think that's far less likely than the court order.

> they're super anti-piracy, and have a contract with all the CAs that requires them to unilaterally revoke any cert at Microsoft's discretion

source?

https://social.technet.microsoft.com/wiki/contents/articles/...

> If Microsoft, in its sole discretion, identifies a DV Server Authentication certificate is being used to promote malware or unwanted software, Microsoft will contact the responsible CA and request that it revoke the certificate. The CA must either revoke the certificate within a commercially-reasonable timeframe, or it must request an exception from Microsoft within two (2) business days of receiving Microsoft’s request. Microsoft may either grant or deny the exception at its sole discretion. In the event that Microsoft does not grant the exception, the CA must revoke the certificate within a commercially-reasonable timeframe not to exceed two (2) business days.

This is absolutely insane, and Microsoft really has no position to make these demands. Does McDonald's have the right to get your driver's license revoked? (Even if you, say... use the drive-thru to steal McNuggets?)

Hell no, and neither does Microsoft.

Microsoft runs a root store. That gives them more leverage over the CAs than McDonald's has.

Could MS not ultimately stop honoring said vendor's certificates?

I'm really no expert on American law, but can such a broadly worded verdict be legal? I would have imagined that they'd have to name every company/person that has to comply with it.

The last article I saw on it was saying they got tired of playing whack-a-mole, so went back and the court gave them a blanket ban.

I'm sure they could challenge it if they wanted to step onto US soil, which, in this case, probably isn't such a good idea.