A new attack surface appears with the MapServer. If a malicious CA creates an absurd number of entries for a domain name, those will be recorded by the CT Log Server, and afterwards by the MapServer.
A client requesting the material for that domain name will receive as much data as the attacker decides, rendering the connection to the MapServer useless.
Decide what attacker models appear because of this.
A new attack surface appears with the MapServer. If a malicious CA creates an absurd number of entries for a domain name, those will be recorded by the CT Log Server, and afterwards by the MapServer. A client requesting the material for that domain name will receive as much data as the attacker decides, rendering the connection to the MapServer useless.