https://letsencrypt.org/.well-known/security.txt does not implement RFC9116 correctly

[Deleted user]

The live site: https://letsencrypt.org/.well-known/security.txt
and its source https://github.com/letsencrypt/website/blob/main/static/.well-known/security.txt
is not following RFC9116 correctly; at minimum the Contact information is in the wrong format.
please see https://www.rfc-editor.org/rfc/rfc9116#section-2.5.3

Additional information can be found:

1. https://www.rfc-editor.org/rfc/rfc9116
2. https://securitytxt.org/
3. https://en.wikipedia.org/wiki/Security.txt

[jprenken]

Fixed. Many thanks!

[Deleted user]

Additionally it turns out that there are more MUST always than that; sorry.
One is Expires https://www.rfc-editor.org/rfc/rfc9116#section-2.5.5