Fair point. It would be accurate to say that use of HTTPS provides integrity for SCTs when transmitted from a log to a log client.
On 6/9/15 7:09 AM, trans issue tracker wrote:
#82: Add a way to get the SCTs for entries returned by get-entries Comment (by [email protected]): It is not really true that fetching over HTTPS provides integrity: for a start, HTTPS is only as good as its inputs, which could be corrupted before HTTPS gets its hands on them.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
