> > I don't see this as different to the current spam potential with CT logs > right now - anyone could distribute out the creation of a bunch certificate > requests with the likes of Let's Encrypt and submit a bunch of certificate > chains to CT logs.
Let's Encrypt (and other free CAs) have tight rate limits [1], which would be unreasonably tight for all applications. There is an escape hatch: if the rate limit is a problem, you can just buy a certificate with some other CA. Best, Bas [1] https://letsencrypt.org/docs/rate-limits/ >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls