Define "incorporate"

[rlb@…]

Section 4 says that "An SCT is the log's promise to incorporate the submitted
entry in its Merkle Tree no later than a fixed amount of time". What does it
mean for a certificate to be incorporated? Does it mean that it is covered by
an STH? Does it mean that the certificate is available via the get-entries
endpoint? Being precise on this point is important, given that a lot of policy
ink is being spilled about enforcement of this requirement.

[eranm@…]

The different phases of a certificate being added to the tree:

• The thing that gets submitted to a CT log is not an entry. It's a 'submission'.
• At some point, an entry in the log is created for the submission. The entry is the input to the Merkle Tree: "The input to the Merkle Tree Hash is a list of data entries;".
• There's an intermediate phase, of an entry existing before it's actually in the tree - Essentially, the entry is "created" when a sequence number is assigned to the submission + timestamp combination.

Incorporation should be defined as the allocation of an sequence number to the entry and production of an STH that includes the hash of that sequenced entry.

[eranm@…]

Out for review in ​https://github.com/google/certificate-transparency-rfcs/pull/254

Note I plan a bigger change that unifies the names of data structures with their semantic meaning.

[eranm@…]

Committed in ​https://github.com/google/certificate-transparency-rfcs/commit/1916b9a570a718588b80aaafc3168f4b9464172c, please review.