A lot of the pushback browser vendors got for locking APIs behind so-called "secure contexts" was because everyone (including them) knew this would happen. If there is a centralized system, some politician will manage to find a way to fuck with it.

Iran and other tyrannical governments can easily set up their own CAs and force their citizens to use them. Iran likely already has this infra in place. This ban does nothing but highlights LE as the liability it is. The decades-old certificate authority scheme is no longer fit for purpose and needs to go.

If you're a web developer, consider offering your site through public key-addressable networks. Reticulum and Tor are good options that work today.