> One can compare three logs and if they differ you know who and where the > rogue is, right?
> Hmm.... Not unless all logs are required to have every certificate (at least > within a given scope). > Otherwise, the fact that a certificate is in log A but not log B doesn't tell > you anything about log B. So far the Chrome policies requires two or more, and the draft Moz policy is three or more IIRC. So for a given CA, a disagreement identifies that *one* of the logs is wrong, right? _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
