|
|
|
|
|
|
by xg15
819 days ago
|
|
|
And then what? What are you supposed to do in the meantime until browsers have decided to distrust the CA? Also, how do you detect "obscure" CAs in the log? If your CT monitoring daemon has some logic to distinguish "good" from "bad" CAs, why not use that logic directly in the app and implement certificate pinning? |
|
|