If you add CT log links, I recon you should add at least two from separate companies.
Adding CT log links is IMHO only really useful for transparancy reasons and with that reason in mind, I think we should not rely on just one external entity.
By the way, the Chain of Trust-page linked also by @_az above also contains a Certificate Transparency section at the bottom:
All good points. As with _az, my intention was simply quick reference of the certificate information. I feel like the crt.sh links would be best placed in their respective sections for quick access rather than at the bottom. While I definitely understand the spirit of fairness and robustness, I don't want to overcomplicate the content with too much redundancy. Anyone wishing to find the identical information elsewhere can readily do so.
As a note though, I ran into trouble looking up a couple of these intermediate certificates by their serial numbers with crt.sh. Might be something worth checking into.
None of the intermediate certificates that I listed that were signed by ISRG Root X1 could be found by their serial numbers. I found them searching by their common names (and weeding through the results).
To compensate for the sign bit of the highest nibble. Makes sense. I found myself trimming off the leading zeros of the hex representations of the RSA n and e when constructing the JWK for ACME registration.
Personally, I wouldn't add links to a third party site just for the information which already is available. Of course crt.sh adds some other information too like revocation status et cetera, but I don't think that's very useful for the intermediate certs.
I don't personally, but I'm thinking more from the perspective of a company. I wouldn't want my company to look like it actually endorses some product. Or have some kind of thing resembling something like a "vendor lock-in". Don't forget crt.shis operated by Sectigo (part of Comodo Cybersecurity). They aren't an independent entitiy.
That's why I would recommend not adding too much from just one company or, if you want to add such stuff, add it from at least two. I.e., also add links to Googles certificate transparancy page or something.
That's true. I mean it is a free tool and I guarantee this site already contains at least a million links to crt.sh. It's mentioned in our #help template. Wonder if Let's Encrypt would be interested in their own CT log?
Does one of the Let's Encrypt sponsors offer a CT log?
Like I said, I'm not against the site. I use it too on this Community. But I think this Community (with external, non-LE-affiliated users) is a different story than putting it on your official website, which might have more "statement" to it.
