top | item 45019138

(no title)

ayende | 6 months ago

If you are checking the cert logs, it is a very tiny bit to validate the key as well. If you aren't checking... well, that isn't a concern anyway, now is it?

And the whole _point_ of the cert transparency log is that it only take _one_ such instance to ruin the credibility of a CA.

The fact that you do that in the public, and that it is _forever_, make it very hard to do in the shadows.

discuss

No comments yet.