On 11/17/12 8:24 PM, "Paul Hoffman" <[email protected]> wrote:
>>And you cannot say "The CA industry" either, which is the answer for the >> CT-PKIX version. > >OK, so maybe you haven't been following the mailing list or reading the >draft. In the CT-for-PKIX proposal, individuals can submit their own >certificate. Under this approach, how does the log come to have certificates that a legitimate owner would like to be made aware of? I understand the utility of including the CT in the certificate and having an individual submit their certificate (or the CA on their behalf) but locking down a log to these sorts of inputs would seem to limit their usefulness for detecting rogue certs. _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
