From 43105d27d470757a19184beeb18e1347a9f236bb Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rgdd@glasklarteknik.se>
Date: Sun, 2 Mar 2025 12:12:43 +0100
Subject: Document log list in README

This was only documented in the lengthier design doc before, and the
option of doing "remove_logs" and "static_logs" had not been documented.

Part of #21, thanks vexelnet!
---
 README.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 42fc1b8..1e19f08 100644
--- a/README.md
+++ b/README.md
@@ -101,6 +101,19 @@ configuration of each trusted system.  The monitor will refuse to mark a
 certificate as legitimate unless the trusted system that requested it had
 permission to do so.  This adds a layer of separation between trusted systems.
 
+The list of logs is configured and kept up-to-date by downloading [Google's
+list][] in signed format.  To remove a log, specify the `"remove_logs"` list.
+Each entry should be a log key on the same format as in the signed list.
+
+    "remove_logs": [
+        "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8m/SiQ8/xfiHHqtls9m7FyOMBg4JVZY9CgiixXGz0akvKD6DEL8S0ERmFe9U4ZiA0M4kbT5nmuk3I85Sk4bagA=="
+    ]
+
+To add or override a log (mostly useful for debug), specify the `"static_logs"`
+list.  Each log entry should be on the same format as in the signed list.
+
+[Google's list]: https://github.com/google/certificate-transparency-community-site/blob/master/docs/google/known-logs.md
+
 ### Start the monitor
 
 Start the monitor:
-- 
cgit v1.2.3