On Mon, May 12, 2014 at 11:56 PM, Joseph Bonneau <[email protected]> wrote: > On Mon, May 12, 2014 at 2:01 PM, Nico Williams <[email protected]> > wrote: >> You're assuming I zones below the ones that matter audited, but I >> don't. I want the root ones audited -- same as with the TLS server >> PKI. Why would I have wanted anything else? > > > Your original email didn't specify if you were interested in logs only for > the root/important TLDs or for every domain. I (and I think others in this > thread) interpreted the idea as being some form of hierarchical logging for > all or almost all (non-private) domains. Are we on the same page now that > the stronger version seems very unlikely in the short to medium term?
Is CT intended to be run all the way from the root to the CAs furthest from the root? I didn't think it was, and if it is, please tell me. Incidentally, rfc6962bis could use an operational considerations section covering issues such as what CAs are expected to be logged. Nico -- _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
