zlacker
[parent]
[thread]
1 comments
1. Comman+(OP)
[view]
[source]
2025-12-18 17:27:44
Isn't certificate transparency opt-in, so any trusted CA could be a potential attack route.
replies(1):
>>JoshTr+i6
◧
2. JoshTr+i6
[view]
[source]
2025-12-18 17:56:46
>>Comman+(OP)
Browsers now require it to consider a certificate valid. Firefox, Chrome, and Safari all require a certificate to include proof of being logged in CT logs.
[go to top]