On 2019-01-03 16:25, Jakob Bohm wrote:
There is the date fields in the SubCA certificate itself, as well as any
embedded CT data (assuming the parent CA is correctly CT-logged).
Do you expect precertificates for CA certificates?
I currently don't know if there are any requirements for logging CA
certificates in CT. I assume it was only for subscriber certificates,
but I didn't check what Google's current policy is. So it's possible
that a CA certificate is only be logged the first time a subscriber
certificate is generated.
Kurt
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
