It's a reality of the current CT system. If a crawler sees a short-lived certificate, it will submit it to a CT log and it will be accepted.
On Tue, Jul 18, 2017 at 2:45 PM Salz, Rich <rs...@akamai.com> wrote: > > Con short-lived certs: > > - Potentially problematic to the CT ecosystem (all certificates must be > logged in CT, which may bloat them). > > That's a browser policy, not an IETF requirement, right? > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
