More transparency
=================

In the beginning there was
[Certificate Transparency](https://www.certificate-transparency.org/). There
are more things that can be done transparent using public append-only
verifiable data structures.


General append-only logs
------------------------

A general append-only log is a TODO

### gaol

- open/gaol/v1
- onion service
- PEM file

### al cutters log

TODO


DNSSEC Transparency
-------------------

DNSSEC has cryptographic keys to, which can be abused.

### IETF94 experiment

An experiment first discussed at IETF94 is logging DS records in the
root zone and three TLD's.