https://cabforum.org/2020/02/20/ballot-sc027v3-version-3-onion-certificates/