This usually indicates that the CA was issuing non-compliant certificates and needed to prevent further non-compliance. Will be interesting to watch Bugzilla for the incident report: https://bugzilla.mozilla.org/buglist.cgi?product=CA%20Progra...