>
> I don't see this as different to the current spam potential with CT logs
> right now - anyone could distribute out the creation of a bunch certificate
> requests with the likes of Let's Encrypt and submit a bunch of certificate
> chains to CT logs.
Let's Encrypt (and other free CAs) have tigh
> There's nothing to be gained by publishing SCTs in self-issued DANE-EE
> validated certificates. Are you proposing to make SCTs mandatory in
> DANE? Which user agents would insist on such SCTs and why? If not,
> what problem would optionally including them solve?
Yes, primarily for browser user
