%% You should probably cite draft-kent-trans-domain-validation-cert-checks-02 instead of this revision.
@techreport{kent-trans-domain-validation-cert-checks-00,
  number = {draft-kent-trans-domain-validation-cert-checks-00},
  type = {Internet-Draft},
  institution = {Internet Engineering Task Force},
  publisher = {Internet Engineering Task Force},
  note = {Work in Progress},
  url = {https://datatracker.ietf.org/doc/draft-kent-trans-domain-validation-cert-checks/00/},
  author = {Stephen Kent and Rick Andrews},
  title = {{Syntactic and Semantic Checks for Domain Validation Certificates}},
  pagetotal = 11,
  year = 2014,
  month = dec,
  day = 17,
  abstract = {Certificate Transparency (CT) {[}RFC6962-bis{]} is a system for publicly logging the existence of X.509 certificates as they are issued or observed. The logging mechanism allows anyone to audit certification authority (CA) activity and detect the issuance of "suspect" certificates. Detecting mis-issuance of certificates is a primary goal of CT. A certificate is considered to be mis-issued if it fails to meet syntactic and/or semantic criteria associated with the type of certificate being issued. Mis-issuance can be detected by CT log servers, whose feedback to a CA could prompt the CA to not issue a suspect certificate. (Preventing the mis-issuance of such a certificate is preferable to issuing it and detecting it later.) Compliant CT log servers could offer these checks to a CA submitting a pre-certificate to be logged. These checks are intended to be used in an environment in which CAs optionally assert the version of the EV guidelines to which the submitted pre-certificate purportedly conforms. Log servers would then perform the checks of supported {[}CABF-DV{]} versions and include the CA's assertion and the log server's result in its Signed Certificate Timestamp (SCT). Monitors can also perform checks to detect suspect certificates on behalf of certificate Subjects. Checks performed by a Monitor also serve to double check log servers that claim to have checked a certificate, to identify those that are not doing the checks properly, e.g., because of errors, compromise, or conspiracy. This provides Monitors and CT clients with additional information when choosing which logs to use.},
}