I had been meaning to post somewhere that they issued a certificate to kza.org.kp a few months ago but didn't really seem worthy of its own thread.

I am no lawyer, but while there do appear to be some exemptions for communication related services, it's not clear that this qualifies as LE isn't actually providing telecommunications, just a certificate file. And it's not even an issue of the encryption itself, North Korea is under a general embargo so any exports or trade whatsoever is restricted by default.

As an aside, many of North Korea's web servers appear to be old enough to have Heartbleed based on their banner versions, but most don't actually have HTTPS in the first place.