More transparency
=================

In the beginning there was
[Certificate Transparency](https://www.certificate-transparency.org/).

But there are more things that can be transparentified using public
append-only verifiable data structures.


General append-only logs
------------------------

A general append-only log is a TODO

### gaol

- open/gaol/v1
- onion service
- PEM file

### al cutters log

TODO


DNSSEC Transparency
-------------------

DNSSEC has cryptographic keys too, which can be abused.

### IETF94 experiment

An experiment first discussed at IETF94 is logging DS records in the
root zone and three TLD's.