[michaelt]

If you are able to compromise a CA and generate a bogus certificate, why couldn't you also compromise a certificate transparency log provider and generate a bogus signed merkle hash?

(Not that I'm a DNSSEC user myself, my feet aren't bulletproof)

[nickf]

Not sure what you really mean here - CAs are required to get SCTs from multiple, independently-operated logs. Even then, I think what you're implying here is mathematically impossible, and easily and immediately detectable. Bear in mind on at least 2 occasions these logs have detected and been decommissioned based on cosmic-ray induced bit-flips, not discovered by the actual log operators. CT is a pretty robust system.

[matthew9219]

Fwiw (tangent), I don't necessarily believe either of those instances were cosmic-ray induced bit-flips. I'd have to dig up the study, but I read a study once that more or less concluded "cosmic-rays are more common in memory unsafe languages and on overclocked PCs". Or more accurately, engineers frequently misattribute memory corrupt and operating outside specification to cosmic rays.

Particularly when the software in question is running on somebody else computer, proprietary software and OS (or OS modules), unknown patch versions, etc.