[cabfpub] Ballot 161 - Notification of incorrect issuance

Sigbjørn Vik sigbjorn at opera.com
Mon Feb 1 18:33:54 UTC 2016

On 01.02.2016 18:25, Wayne Thayer wrote:

> The ambiguity introduced by adding this reporting requirement to the BRs

Perhaps you would enlighten us to what you think this ambiguity consists of?

> No, all browsers don't need CT support for it to be a comprehensive reporting mechanism. Detecting unlogged certificates is effective when just one major browser requires CT.

How would you detect an unlogged certificate used in a targeted attack 
against users on vulnerable browsers?

Sigbjørn Vik
Opera Software

More information about the Public mailing list