← Back to context

Comment by account42

3 years ago

> and would likely cause browsers to drop the (edit) CT log unless provided with a very plausible excuse that isn't "we complied with a court/gag order"

a) Browsers aren't the only clients that matter. Will any XMPP client even look at the CT log? Probably not.

b) Browsers are not going to drop all US-based certificate authorities. And if they tried they might just get their own national security letter (reminder: all major browsers are US-based).

You can't work around the government using centralized infrastructure.