Ben,
One of the nice properties of CT is that anyone can mirror a log and
still retain the ability to prove correct operation, without access to
the log's private key.
sure, that's an obvious property of the Merkle tree design.
Thus, we do not need to require log operators to support DNS in order
to take advantage of it. For example, we intend to provide DNS for all
logs Chrome trusts.
That's a subtly different statement from what I noted. It says that
Google chooses
to provide this service for some set of logs, without those logs needing
to do any
more work.
Not that this means you should not point out the potential problem,
just thought it was worth pointing out.
We're in agreement on that point.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
