[rakoo]

Ok I see, KT provides a visible log of all changes happening to a given key, but my initial question still stands: I can squat, say, eschmidt@google.com today and wait for someone to pay me a huge amount of money to give up that name ?

[Ajedi32]

I'm not 100% sure, but it sounds like that's outside the scope of key transparency, and Google is envisioning that the ["certification authority that the system [represents]"][1] would verify that you indeed own `eschmidt@google.com` before letting you register an account using that address.

[1]: https://github.com/google/key-transparency/blob/master/docs/...

[rakoo]

Ah, that's something that I didn't see at all: google would be in charge of running the KT peer for google.com, yahoo for yahoo.com, etc...

Thanks for the clear-up !