On Sat, Oct 01, 2016 at 11:35:06AM -0700, Percy wrote:
> "Apple products will trust individual existing certificates issued from this 
> intermediate CA and published to public Certificate Transparency log servers 
> by 2016-09-19"
> 
> It seems that Apple has taken the explicit white-listed approach despite the 
> size drawback mentioned in the other thread.

>From what I get, they check that it's been logged in CT. And I'm
not sure what that means, like doing an online check against at CT
log, require that the SCT has been stappled or have a whitelist.


Kurt

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to