On 18/10/16 15:42, Ryan Hurst wrote:
> I do not understand the desire to require StartCom / WoSign to not
> utilize their own logs as part of the associated quorum policy.
My original logic was that it could be seen that the log owner is
trustworthy. However, you are right that CT does not require this.
If the consensus of the group is that it's OK for StartCom/WoSign to run
their own CT servers for the 2nd log, we can drop that part of the
dev-security-policy mailing list