ocdtrekkie
I really would like to share with you that what you endorsed will cause deaths. Deaths never attributed directly, sure. But the damage to the stability of the Internet of this is immense, and the impact that will have on individual lives virtually unpredictable in millions of complicated ways.

And I really hope you are wrong that it will not get reversed. (I hope I am wrong about the above, but I doubt it.)


nickf
It will not be reversed, of that I'm certain. Attributing deaths, even indirectly, to the change in duration of TLS server certificates for the webPKI is incredibly extreme. If you have any real evidence or data to share, I have resources and my own time to investigate.

ocdtrekkie OP
Like, you do understand the Internet is the world's largest life-critical system, right? For dozens of reasons (including the CA/B), it really shouldn't be, but it is. When a medical device breaks due to a certificate error, that's going to be on you. Heck, when a doctor can't find the right information at the right time because of a certificate error, that is on you. Should SCADA systems controlling critical infrastructure use PKI? No. Does it? Yep, everywhere. There are virtually endless things where the Internet working is in the critical path of life-saving and life-changing processes, not because they should be, but because the stack of technology is deep and confused and people make bad decisions. And the cool thing about automation is nobody looks at it until it unpredictably breaks.

When the Internet breaks, people die. It's all fun and games to talk about hypothetical security problems that you aren't actually solving as an excuse to make the Internet incredibly transient and fragile, but it has a real human cost.

Right now, over 80% of organizations have outages due to a certificate issue every year. That's really bad, and already due to the CA/B's poor decision-making. But at the existing certificate lifetimes, at least it's predictable. Now the CA/B wants to multiply the possible problem occurrences by a factor of ten. And an organization can't even just be concerned with their own certificates, because any layer of their stack's software or infrastructure having a certificate error can have downstream effects.

The reason I believe this change will be undone is because ultimately it will have to. It will be so obviously wrong if it goes into effect that people opposed to undoing it will get removed from the decision-making until it is undone.

ameliaquining
Do you have an order-of-magnitude estimate of how many deaths?