On 21/04/2017 16:50, "Salz, Rich" <rs...@akamai.com> wrote: > > Speaking as one of the co-authors of [1]: it is not completely clear to me > > what is the limitation in CT that would prevent it to cope with the > > pervasive use of short-term certificates. Can anyone shed a light on this? > > I believe the concerns are scaling log servers and perhaps needing to > "rotate" them if, say, 90% of their tree is invalid in a year.
Thanks Rich. I need to double check that, but I guess there are remedies for the issues you mention -- e.g., adding more logs / having separate logs for very short term stuff. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
