Certificate Transparency for Domain Name System Security Extensions
In draft-ietf-trans-rfc6962-bis, a solution is proposed for publicly logging the existence of Transport Layer Security (TLS) certificates using Merkle Hash Trees. This document tries to use this idea in DNSSEC and publicly logging the DS RRs in order to notice the issuance of suspect key signing keys.