My mistake, I thought it's in BR but it doesn't, only Chrome/Safari requires it.
在2022年8月31日星期三 UTC+8 00:54:41<[email protected]> 写道: > If the final certificate is submitted to logs it would be in monitors, but > most CAs do not, and for those issuers, the only certificates in the logs > are those that are discovered by crawlers or individuals that submit them > to the logs. In other words, you can not rely on final certificates being > present in logs. > > Ryan > > On Tue, Aug 30, 2022 at 9:38 AM John Han <[email protected]> wrote: > >> So as they submitted final certficate to logs, it doesn't matter that >> certificate should be visible to tools like crt.sh? >> >> 在2022年8月30日星期二 UTC+8 22:48:48<[email protected]> 写道: >> >>> Yes, very few CAs currently publish final certificates, the final >>> certificates in the logs are usually discovered by crawlers. >>> >>> Technically it is even permissible to not log pre-certificates as well. >>> Not doing so means visitors to a site that uses that certificate will >>> receive an interstitial that must be bypassed by the user though. >>> >>> Ryan Hurst >>> >>> >>> >>> On Tue, Aug 30, 2022 at 12:59 AM John Han <[email protected]> wrote: >>> >>>> Hi All, >>>> Recently I have found this PreCertificate https://crt.sh/?id=7319399876 >>>> but its related Certificate not found in CT log. >>>> Is this compliance with current policy? >>>> >>>> HAN Yuwei >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "[email protected]" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/0904ff95-841a-49d5-923b-9cfac12d3b53n%40mozilla.org >>>> >>>> <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/0904ff95-841a-49d5-923b-9cfac12d3b53n%40mozilla.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/14ad72f3-1519-43fc-a568-e96f365c18fbn%40mozilla.org.
