Hey, I'm an European, and I welcome this. Apache is widely used, and it's security is for the common good. At the very least, this is a step in the right direction. The only downside I can think of, is that Apache is already heavily scrutinized by both static analyzers and 'real human being' audits, so it this particular choice may be of limited use. Still, a mayor step forward in my opinion.