> 1. SCTs embedded in the certificate itself. > 2. SCTs embedded in an OCSP-stapled response. > 3. SCTs sent in a TLS extension. And my guess it's gonna be like exponential fall-off in that order. But we'll have to see. -- Senior Architect, Akamai Technologies IM: richsalz at jabber.at Twitter: RichSalz