|
|
|
|
|
|
by iancarroll
3529 days ago
|
|
|
To be clear, these enterprise roots are the ones workplaces install on local machines but are not shipped by the OS. Currently, CT logs have a list of roots that may submit to their log. If you run your own self-signed CA, you cannot (usually) use these logs, and there is a lot of effort and little benefit to running your own log setup. CT tries to protect relying parties from bad issuers, but when the relying party is the same person as the issuer, it is not as beneficial. |
|
|