Hi all,
Saw the following posted to Hackernews today:
If I'm understanding correctly, the plan is to issue a regular X509 certificate (probably via Let's Encrypt?) per Firefox release, for a special domain name that includes a Merkle tree hash for the files in that release, with a known suffix (".
fx-trans.net").
In that manner they can piggy-back on top of the CT ecosystem (including existing logs, including existing search / monitoring tools, and presumably gossip if/when that's solved).
This seems like a really cool hack!
Cheers, Adam