Yes, very few CAs currently publish final certificates, the final certificates in the logs are usually discovered by crawlers.
Technically it is even permissible to not log pre-certificates as well. Not doing so means visitors to a site that uses that certificate will receive an interstitial that must be bypassed by the user though. Ryan Hurst On Tue, Aug 30, 2022 at 12:59 AM John Han <[email protected]> wrote: > Hi All, > Recently I have found this PreCertificate https://crt.sh/?id=7319399876 > but its related Certificate not found in CT log. > Is this compliance with current policy? > > HAN Yuwei > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/0904ff95-841a-49d5-923b-9cfac12d3b53n%40mozilla.org > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/0904ff95-841a-49d5-923b-9cfac12d3b53n%40mozilla.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CALVZKwaD2SDFi-0rEFTd%3DejUKVz%3DWZ7VNxuv0y_8yCcjTZoBCg%40mail.gmail.com.
