Ben,
Oh, also:4. Require SCTs for all certs in the chain, which prevents hiding the alternate intermediate.
If one were to do this, then it would seem to be a significant change to the CT design, affecting TLS clients, CAs, and Subjects (who acquire SCTs for themselves). Do you really want to mandate this? Steve _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
