> For what it's worth, I do not read 6962-bis as "very much being focused" on > CA-based logging. Consider, for example, certificate subjects submitting > certificates to logs, something that is done without CA involvement and can be > done in response to (e.g.) Logs being distrusted or browsers increasing the > required number of SCTs. It's unclear that CAs have as much incentive as > subjects to be responsive to changing events in this way.
SCTs have to be included in the certificate so logging by third parties does not help with that problem. -Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
