"the TLS client validates the log’s signature on the SCT to verify that the SCT was issued by a valid log and that the SCT was actually issued for the certificate (and not some other certificate)." (http://www.certificate-transparency.org/how-ct-works)
Is
information identifying a particular certificate contained within the
SCT, or does the browser have to do a reverse lookup with the log to
find the certificate associated with an SCT and then compare that
certificate with the one the browser received alongside the SCT?
I don't see an obvious way the browser could verify an SCT is valid based upon the following screen capture?:
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/07426cfd-b175-4e5c-8b94-17baac76ebc5%40googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/07426cfd-b175-4e5c-8b94-17baac76ebc5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/CAHse%3DS8%2BP%3DL6bPgF%2Bwz5PjKOyrDxorBJEtrspJqLL_0VahnjTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/07426cfd-b175-4e5c-8b94-17baac76ebc5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/CAHse%3DS8%2BP%3DL6bPgF%2Bwz5PjKOyrDxorBJEtrspJqLL_0VahnjTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--Thanks,--
V.Purnima
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/CAOSnnjLOjUC%2Ba-F9FO%2BOeO4x-qMP%2Bq5rosV3q7m-ERiqrVw%3DzA%40mail.gmail.com.