Let’s Encrypt does log to multiple logs. For example, here’s a cert I accidentally issued yesterday:
It was simultaneously logged to Cloudflare Nimbus, Google Argon and Google Icarus.
Some CT logs reflect updates more quickly than others, so a crt.sh page for a certificate issued within the last couple hours may be misleading.
I believe Let’s Encrypt also sometimes uses some of the other high volume logs.
More than just logging certificates, Chrome will require that websites prove their certificates were logged, through one of three mechanisms:
- Including SCTs in the certificate, which requires changes to the CA’s certificate creation code.
- Using OCSP stapling and including SCTs in the OCSP response, which requires OCSP stapling support in the web server, and changes to the CA’s OCSP code.
- Including SCTs in a TLS extension, which requires changes to the web server.
Let’s Encrypt intends to comply with the Chrome policy by the time it is necessary, 2 months and 3 days from now. They plan to implement the first option, including SCTs in certificates, and the requisite changes are in development.