Ben,
Until there is such a mechanism, omitting serial numbers makes it hard (or impossible?) for anyone to take effective action on violations discovered via CT. So, CT has to require serial numbers until then. This language allows that to happen.
I think we're in agreement, which I why I proposed an alternative mechanism to log serial numbers, without requiring a CA to have to assign them prior to final cert issuance.
Steve _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
