[bart__]

Browsers will check if a certificate is in the transparency log, and alert the user if it isn't if I am not mistaken.

[crtasm]

But XMPP clients do not, as far as I'm aware? and browsers aren't connecting to XMPP server ports.

[est31]

Yeah usually the TLS libraries used by XMPP clients don't check SCTs. Not even all browsers do it. Chrome does it, Firefox does not for example.

[privacyking]

Source?

[bart__]

https://developer.mozilla.org/en-US/docs/Web/Security/Certif...

As the other commenter already pointed out, Firefox does not require this. Safari and Chrome do. This indeed is not directly applicable to this situation, since XMPP don't involve browsers. But for websites, the parents attack scenario is not applicable.