CT For Server (Developers)
Similar to my advice regarding OCSP Stapling
for servers/server developers, based on questions I've received about "CT best practices," I wanted to
write something similar for those writing server software. That is, this isn't targeted at server
operators, but for those writing software like Apache, nginx, Caddy, etc.
At the most basic level, the deployment of Certificate Transparency to date has largely tried to
focus the burden on CAs, rather than on server developers. If the CA is doing everything right,