Actually, 1204656 doesn't need to be fixed in order to get Firefox to accept this cert. As https://letsencrypt.org/certificates/ explains,

> IdenTrust will cross-sign our intermediates. This will allow our end certificates to be accepted by all major browsers while we propagate our own root.

The cross-signature is expected to happen before the mainstream browsers finish processing our application to be a root CA. That will be the main initial mechanism by which browsers trust our certificates.