G’day Rich,
This is correct with one qualification – every TLS cert chained to the
submitted Roots are CT logged. The exception is that we also issue Public Trust
client certificates (through a separate Issuing CA) and these are not required
to be logged. From memory, our EV’s currently go to 4 different logs, and OVs
got to 3 different logs. We don’t do DV at this time.
Regards,
--
Scott Rea
Scott Rea
Senior Vice President - Trust Services
[cid:[email protected]]<http://www.darkmatter.ae>
Level 15, Aldar HQ
Abu Dhabi, United Arab Emirates
T +971 2 417 1417<tel:+971%202%20417%201417>
M +971 52 847 5093<tel:+971%2052%20847%205093>
E [email protected]<mailto:[email protected]>
darkmatter.ae<http://darkmatter.ae>
[Linkedin]<https://www.linkedin.com/company/dark-matter-llc> [Twitter]
<https://twitter.com/GuardedbyGenius>
[Year of Zayed] [expo]
The information in this email is intended only for the person(s) or entity to
whom it is addressed and may contain confidential or privileged information. If
you receive this email by error, please notify us immediately, delete the
original message and do not disclose the contents to any other person, use or
store or copy the information in any medium and for whatever purpose. Any
unauthorized use is strictly prohibited.
From: Richard Salz <[email protected]>
Date: Tuesday, February 26, 2019 at 5:31 PM
To: Scott Rea <[email protected]>
Cc: <[email protected]>
Subject: Re: DarkMatter Concerns
So then every cert signed by the keys intended for the trust store will be CT
logged?
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
