Hi Arabella, I recommend raising this on the ct-policy mailing list (https://groups.google.com/a/chromium.org/g/ct-policy).
Though my question would be - why is Certum issuing certificates with embedded SCTs from a log that's not listed as Qualified or Usable in Apple's log list? This certificate also contains an SCT from Google Argon 2027h1, which while Usable by Apple, is not yet Usable by Chrome or Mozilla. Regards, Andrew On Mon, 1 Dec 2025 19:51:28 -0800 (PST) Arabella Barks <[email protected]> wrote: > [image: 9312cc9414c2e964bffb1f53f6d215e5.png] > > DigiCert 'Wyvern2027h1' > LogID: 00 1A 5D 1A 1C 2D 93 75 B6 48 55 78 F8 2F 71 A1 AE 6E EF 39 7D > 29 7C 8A E3 15 7B CA DE E1 A0 1E > DigiCert 'sphinx2027h1' > LogID: 46 A2 39 67 C6 0D B6 46 87 C6 6F 3D F9 99 94 76 93 A6 A6 11 20 > 84 57 D5 55 E7 E3 D0 A1 D9 B6 46 > > > -- > You received this message because you are subscribed to the Google > Groups "[email protected]" group. To unsubscribe from > this group and stop receiving emails from it, send an email to > [email protected]. To view this discussion > visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/e437bda8-611f-47fd-95c5-bba884394f36n%40mozilla.org. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20251202082326.f2ebd8cff903c11a8d202287%40andrewayer.name.
