1. 4
  1.  

  2. 2

    As far as I know, .pw domains are the cheapest to get a hold of, so I imagine they’re a common source of malware and scams. Maybe revoking all certs wasn’t the right thing to do, but it’s not entirely unjustified. Personally I wouldn’t much trust a website on a .pw domain even if its certificate were valid.