On Mon, 25 Dec 2017 04:19:58 -0800 (PST) "Adrian R. via dev-security-policy" <dev-security-policy@lists.mozilla.org> wrote:
> Side question: why wasn't the certificate from DigiCert logged into > Certificate Transparency logs when it was issued and it had to be > discovered this way? There's no requirement for CT logging yet. Right now certs can end up in the CT log because: 1. the CA voluntarily submits them (LE does). 2. there's been a special situation that the CA needs to log certs (e.g. this happened to Symantec after the first issues with them) 3. it's submitted by some third party. (everyone can do so.) -- Hanno Böck https://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
