G’day Rich, This is correct with one qualification – every TLS cert chained to the submitted Roots are CT logged. The exception is that we also issue Public Trust client certificates (through a separate Issuing CA) and these are not required to be logged. From memory, our EV’s currently go to 4 different logs, and OVs got to 3 different logs. We don’t do DV at this time.
Regards, -- Scott Rea Scott Rea Senior Vice President - Trust Services [cid:image447aa1.PNG@2f49b9ba.4485a5f4]<http://www.darkmatter.ae> Level 15, Aldar HQ Abu Dhabi, United Arab Emirates T +971 2 417 1417<tel:+971%202%20417%201417> M +971 52 847 5093<tel:+971%2052%20847%205093> E scott....@darkmatter.ae<mailto:scott....@darkmatter.ae> darkmatter.ae<http://darkmatter.ae> [Linkedin]<https://www.linkedin.com/company/dark-matter-llc> [Twitter] <https://twitter.com/GuardedbyGenius> [Year of Zayed] [expo] The information in this email is intended only for the person(s) or entity to whom it is addressed and may contain confidential or privileged information. If you receive this email by error, please notify us immediately, delete the original message and do not disclose the contents to any other person, use or store or copy the information in any medium and for whatever purpose. Any unauthorized use is strictly prohibited. From: Richard Salz <rich.s...@gmail.com> Date: Tuesday, February 26, 2019 at 5:31 PM To: Scott Rea <scott....@darkmatter.ae> Cc: <mozilla-dev-security-pol...@lists.mozilla.org> Subject: Re: DarkMatter Concerns So then every cert signed by the keys intended for the trust store will be CT logged? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy