Mozilla currently doesn't have any policy with respect to Certificate Transparency, so I think diving in on this particular point is putting the cart before the horse :-)
Currently Firefox does not check/require SCT presence nor does the Mozilla root program require certificates to be logged. Alex On Mon, Apr 2, 2018 at 12:26 PM, Tom Delmas via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Following the discussion on https://community.letsencrypt. > org/t/non-logging-of-final-certificates/58394 > > What is the position of Mozilla about the submission to ct-logs of the > final certificate when there is already a pre-certificate? > > As it helps discover bugs ( https://twitter.com/_quirins/s > tatus/979788044994834434 ), it helps accountability of CAs and it's > easily enforceable, I feel that it should be mandatory. > > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy