If logs were not trusted, then nobody would rely on them. It seems
more accurate to say that a log is trusted by its clients (CAs, TLS clients,
and Monitors) until it is detected misbehaving. An essential aspect of CT
is that it tries to provide mechanisms to enable third parties to
detect such mis-behavior.
Steve
#117: log description as "untrusted"
Comment (by [email protected]):
FWIW, I really like the term "untrusted".
Remember the “I don’t trust used car salesmen as far as I could throw
them.” idea -- the whole point is to not _have_ _to_ trust the logs,
aight?
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
