<snip>
>>> 3.1. Log Entries
>>>
>>> Anyone can submit a certificate to any log. In order to enable
>>> attribution of each logged certificate to its issuer, the log SHALL
>>> publish a list of acceptable root certificates (this list might
>>> usefully be the union of root certificates trusted by major browser
>>> vendors). Each submitted certificate MUST be accompanied by all
>>> additional certificates required to verify the certificate chain up
>>> to an accepted root certificate. The root certificate itself MAY be
>>> omitted from this list.
a question I neglected to add here is: how do log services publish their lists
of "acceptable root certificates" ?
=JeffH