Certificate Transparency

Certificate Transparency (CT) is an Internet security standard for monitoring and auditing the issuance of digital certificates.[1] When an internet user connects to a website, a trusted third party is needed to vouch that the site is legitimate and that the public key the site presents really belongs to it. This third party, a certificate authority (CA), issues a certificate for the website that the user's browser can validate. The security of encrypted internet traffic therefore depends on CAs issuing certificates only to the rightful holder of a domain and on CAs not being compromised: any publicly trusted CA that is tricked or breached can issue a certificate that browsers will accept for any domain.

Certificate Transparency makes all issued certificates public by recording them in append-only, cryptographically verifiable logs, giving website owners and auditors the ability to detect and expose mistakenly or maliciously issued certificates. CT does not prevent mis-issuance; it makes mis-issuance detectable after the fact, so that the certificate can be revoked and the CA held to account.

Work on Certificate Transparency began in 2011 after the certificate authority DigiNotar was compromised and fraudulent certificates were issued from its systems. Google engineers submitted a draft to the Internet Engineering Task Force (IETF) in 2012. This effort resulted in IETF RFC 6962 in 2013, since superseded by RFC 9162, a standard defining a system of public logs that record all certificates issued by publicly trusted certificate authorities, allowing efficient identification of mistakenly or maliciously issued certificates.[2]

Technical overview

The certificate transparency system consists of a set of independently operated, append-only certificate logs. Logs are run by many parties, including browser vendors and certificate authorities.[3] A certificate that participates in certificate transparency is accompanied by one or more signed certificate timestamps (SCTs); an SCT is a signed promise from a log operator to incorporate the certificate into its log within a period called the maximum merge delay (MMD).[4][3] At some point within the MMD, the log operator appends the certificate to the log. Log entries are the leaves of a Merkle hash tree: leaf hashes are combined pairwise up to a single root hash, so the root commits to every entry and to their order. The log periodically publishes a signed tree head (STH), its signature over the current root hash together with the tree size and a timestamp. Because the tree is append-only, a log can prove that a given entry is included under a tree head (an inclusion proof) and that a newer tree head extends an older one without rewriting history (a consistency proof).

Logging procedure

Although anyone can submit a certificate to a CT log, this task is commonly carried out by the issuing CA as follows:[4][5]

  1. An applicant, "the natural person or Legal Entity that applies for (or seeks renewal of) a Certificate",[6] requests a certificate from a CA.
  2. The CA issues a precertificate: a certificate with the same contents as the intended final certificate but carrying a critical "poison" extension that signals that user agents must not accept it.
  3. The CA submits the precertificate to one or more logs.
  4. Each log returns an SCT for the precertificate to the CA.
  5. The CA embeds the collected SCTs in the final certificate as an X.509 extension and provides it to the applicant.

Finally, a CA may decide to log the final certificate as well. Let's Encrypt's E1 CA, for example, logs both precertificates and final certificates (see that CA's crt.sh profile page, 'issued certificates' section), whereas Google's GTS CA 2A1 does not (see its crt.sh profile page).

Mandatory certificate transparency

Some browsers require Transport Layer Security (TLS) certificates to carry proof of having been logged,[7][8] delivered in one of three ways: SCTs embedded in the certificate itself, SCTs sent in a TLS extension during the handshake, or SCTs carried in a stapled OCSP response. The requirements differ by delivery method:

Chrome/Chromium
  SCTs embedded in the certificate:
    • at least one SCT from a currently approved log, and
    • for a validity period of 180 days or less, at least 2 SCTs from once-approved logs;
    • for a validity period over 180 days, at least 3 SCTs from once-approved logs[9][10]
  SCTs delivered via OCSP or the TLS extension:
    • at least two SCTs from currently approved logs[10][28] (before the February 2022 policy update, one SCT from a current Google log and one from a current non-Google log were required instead)

Firefox
  SCTs embedded in the certificate: none[11]
  SCTs delivered via OCSP or the TLS extension: none

Safari
  SCTs embedded in the certificate:
    • at least one SCT from a currently approved log, and
    • for a validity period of 180 days or less, at least 2 SCTs from once-approved logs;
    • for a validity period over 180 days, at least 3 SCTs from once-approved logs[12]
  SCTs delivered via OCSP or the TLS extension:
    • at least two SCTs from currently approved logs[12]
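As an added example (not code from this page, from any browser vendor or from any log implementation), the following Python parses the TLS-encoded SignedCertificateTimestampList that a CA embeds in a certificate's SCT-list extension, using the v1 encoding from RFC 6962 that deployed logs emit, and then applies the embedded-SCT rule tabulated above. The log identifiers, timestamps and SCT lists are constructed for the example; the signature fields are placeholders and are not verified; and the policy check counts distinct log IDs, a conservative reading that the table above does not spell out.

```python
import struct
from dataclasses import dataclass
from typing import List, Set

# Constructed log identifiers. A real LogID is the SHA-256 hash of the log's
# public key; these 32-byte patterns stand in for three hypothetical logs.
LOG_A_CURRENT = bytes([0xA1]) * 32
LOG_B_CURRENT = bytes([0xB2]) * 32
LOG_C_RETIRED = bytes([0xC3]) * 32   # once approved, since retired

CURRENTLY_APPROVED = {LOG_A_CURRENT, LOG_B_CURRENT}
ONCE_APPROVED = CURRENTLY_APPROVED | {LOG_C_RETIRED}

# Placeholder for the log's ECDSA signature over the SCT; not verified in this example.
PLACEHOLDER_SIG = b"\x00" * 64


@dataclass
class SCT:
    version: int
    log_id: bytes
    timestamp_ms: int
    extensions: bytes
    hash_alg: int
    sig_alg: int
    signature: bytes


def encode_sct(log_id: bytes, timestamp_ms: int, signature: bytes = PLACEHOLDER_SIG,
               extensions: bytes = b"") -> bytes:
    # TLS-encode one v1 SCT (RFC 6962 section 3.2): version, LogID, timestamp, extensions, signature.
    sct = struct.pack("!B", 0) + log_id + struct.pack("!Q", timestamp_ms)
    sct += struct.pack("!H", len(extensions)) + extensions
    # DigitallySigned: hash algorithm sha256 (4), signature algorithm ecdsa (3), opaque<0..2^16-1>.
    sct += struct.pack("!BBH", 4, 3, len(signature)) + signature
    return sct


def encode_sct_list(scts: List[bytes]) -> bytes:
    # SignedCertificateTimestampList: each SCT is 2-byte length-prefixed, then so is the whole list.
    inner = b"".join(struct.pack("!H", len(s)) + s for s in scts)
    return struct.pack("!H", len(inner)) + inner


def parse_sct(data: bytes) -> SCT:
    # Parse one SerializedSCT, rejecting truncated input and trailing bytes.
    if len(data) < 43:
        raise ValueError("SCT truncated")
    version = data[0]
    if version != 0:
        raise ValueError(f"unsupported SCT version {version}")
    log_id = data[1:33]
    timestamp_ms, ext_len = struct.unpack("!QH", data[33:43])
    pos = 43 + ext_len
    extensions = data[43:pos]
    if len(data) < pos + 4:
        raise ValueError("SCT signature header truncated")
    hash_alg, sig_alg, sig_len = struct.unpack("!BBH", data[pos:pos + 4])
    pos += 4
    if len(data) != pos + sig_len:
        raise ValueError("SCT signature length mismatch")
    return SCT(version, log_id, timestamp_ms, extensions, hash_alg, sig_alg, data[pos:])


def parse_sct_list(data: bytes) -> List[SCT]:
    # Parse the TLS structure carried (inside an OCTET STRING) in the X.509 extension 1.3.6.1.4.1.11129.2.4.2.
    if len(data) < 2:
        raise ValueError("SCT list truncated")
    (total,) = struct.unpack("!H", data[:2])
    if total != len(data) - 2:
        raise ValueError("SCT list length mismatch")
    scts, pos = [], 2
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("SCT entry length truncated")
        (n,) = struct.unpack("!H", data[pos:pos + 2])
        pos += 2
        if pos + n > len(data):
            raise ValueError("SCT entry truncated")
        scts.append(parse_sct(data[pos:pos + n]))
        pos += n
    return scts


def meets_embedded_sct_policy(scts: List[SCT], validity_days: int,
                              current: Set[bytes], once: Set[bytes]) -> bool:
    # Chrome/Safari embedded-SCT rule as tabulated above, counting distinct logs.
    logs = {s.log_id for s in scts}
    if not logs & current:
        return False                        # need at least one currently approved log
    needed = 2 if validity_days <= 180 else 3
    return len(logs & once) >= needed       # 2 or 3 once-approved logs, by validity period


# Constructed SCT lists: one as a CA might embed in a 90-day certificate, one for a 398-day certificate.
NINETY_DAY_LIST = encode_sct_list([
    encode_sct(LOG_A_CURRENT, 1_700_000_000_000),
    encode_sct(LOG_C_RETIRED, 1_700_000_000_050),
])
LONG_LIVED_LIST = encode_sct_list([
    encode_sct(LOG_A_CURRENT, 1_700_000_000_000),
    encode_sct(LOG_B_CURRENT, 1_700_000_000_020),
    encode_sct(LOG_C_RETIRED, 1_700_000_000_050),
])


def check_certificate_scts(sct_list: bytes, validity_days: int) -> bool:
    # Decode the embedded list and evaluate it against the constructed log lists.
    return meets_embedded_sct_policy(parse_sct_list(sct_list), validity_days,
                                     CURRENTLY_APPROVED, ONCE_APPROVED)
```

A production check does more than this: it verifies each SCT's signature with the log's public key over the (pre)certificate data, and it checks that the log was qualified at the time of the SCT's timestamp rather than merely appearing on a list. The two-SCT list above passes for a 90-day certificate but fails for a 398-day one, which is why CAs issuing year-long certificates collect SCTs from at least three logs.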

Log sharding

Because of the large number of certificates issued in the Web PKI, certificate transparency logs can grow to hold a very large number of entries, and this volume puts strain on log operators. Temporal sharding reduces the strain by splitting a log into several logs (shards), each of which accepts only precertificates and certificates whose expiry date (notAfter) falls in a particular period, usually a calendar year.[13][14][15] Once every certificate a shard can accept has expired, that shard can be made read-only and eventually retired. Cloudflare's Nimbus series of logs was the first to use temporal sharding.

Background

Advantages

One of the problems with digital certificate management is that fraudulent certificates take a long time to be spotted, reported and revoked. A certificate that is not logged using Certificate Transparency may never be spotted at all. Certificate Transparency makes it possible for the domain owner (and anyone else interested) to learn of every certificate issued for a domain, for example by monitoring the logs for the domain's names.

Side Effects

Domain names used on internal networks become publicly searchable if their certificates are issued by publicly trusted certificate authorities, because those certificates are added to CT logs. Hostnames that must not be disclosed can instead be covered by a wildcard certificate, which reveals only the parent domain, or by certificates from a private CA, which are not logged.

Certificate Transparency logs

Certificate Transparency depends on verifiable Certificate Transparency logs. A log appends new certificates to an ever-growing Merkle hash tree.[1]: §4  To be seen as behaving correctly, a log must:

  • Verify that each submitted certificate or precertificate has a valid signature chain leading back to a trusted root certificate authority certificate.
  • Refuse to publish certificates without this valid signature chain.
  • Store the entire verification chain from the newly accepted certificate back to the root certificate.
  • Present this chain for auditing upon request.

A log may accept certificates that are not yet fully valid and certificates that have expired.

Certificate Transparency monitors

Monitors act as clients to the log servers. Monitors check logs to make sure they are behaving correctly and watch for certificates of interest, for example every certificate issued for a domain they are responsible for.[31] An inconsistency, such as two signed tree heads that cannot be reconciled by a consistency proof, is proof that a log has misbehaved, and the log's signatures over its tree heads prevent it from denying that misbehavior.

Certificate Transparency auditors

Auditors also act as clients to the log servers. Certificate Transparency auditors use partial information about a log to verify the log against other partial information they have,[1]: §8.3  for example by checking that a certificate for which they hold an SCT is actually included under a published tree head, or that two tree heads from the same log are consistent.

Certificate Transparency log programs

Apple[16] and Google[13] have separate log programs with distinct policies and lists of trusted logs.

Root stores of Certificate Transparency logs

Certificate Transparency logs maintain their own root stores and accept only certificates that chain back to one of those trusted roots.[1] Some logs have in the past published root stores that were inconsistent with what they actually accepted.[17]

History

Figure: an example of a Certificate Transparency entry as shown in Firefox 89.

In 2011, a reseller of the certificate authority Comodo was attacked and the certificate authority DigiNotar was compromised,[18] demonstrating existing flaws in the certificate authority ecosystem and prompting work on various mechanisms to prevent or monitor unauthorized certificate issuance. Google employees Ben Laurie, Adam Langley and Emilia Kasper began work on an open source framework for detecting mis-issued certificates the same year. In 2012, they submitted the first draft of the standard to IETF under the code-name "Sunlight".[19]

In March 2013, Google launched its first certificate transparency log.[20]

In June 2013, RFC 6962 "Certificate Transparency" was published, based on the 2012 draft.

In September 2013, DigiCert became the first certificate authority to implement Certificate Transparency.[21]

In 2015, Google Chrome began requiring Certificate Transparency for newly issued Extended Validation certificates.[22][23] It began requiring Certificate Transparency for all certificates newly issued by Symantec from June 1, 2016, after Symantec was found to have issued 187 certificates without the domain owners' knowledge.[24][25] Since April 2018, this requirement has been extended to all certificates.[8]

On March 23, 2018, Cloudflare announced its own CT log named Nimbus.[26]

In May 2019, certificate authority Let's Encrypt launched its own CT log called Oak. Since February 2020, it has been included in approved log lists and is usable by all publicly trusted certificate authorities.[27]

In December 2021, RFC 9162 "Certificate Transparency Version 2.0" was published.[1] Version 2.0 changes the encoding of the log's outputs (SCTs and signed tree heads become variants of a common TransItem structure), adds Ed25519 as a signature algorithm for SCTs, and allows an inclusion proof to be delivered together with the SCT.

In February 2022, Google published an update to its CT policy[28] that removed the requirement for certificates to include an SCT from a Google-operated log, bringing its requirements into line with those previously published by Apple.[29]

Signature algorithms

In Certificate Transparency Version 2.0, a log must use one of the algorithms in the IANA registry "Signature Algorithms".[1]: §10.2.2 [30]

References

  1. Certificate Transparency Version 2.0. December 2021. doi:10.17487/RFC9162. RFC 9162.
  2. Solomon, Ben (8 August 2019). "Introducing Certificate Transparency Monitoring". Cloudflare. Archived from the original on 8 August 2019. Retrieved 9 August 2019. "Ah, Certificate Transparency (CT). CT solves the problem I just described by making all certificates public and easy to audit. When CAs issue certificates, they must submit certificates to at least two 'public logs.' This means that collectively, the logs carry important data about all trusted certificates on the Internet."
  3. Scheitle, Quirin; Gasser, Oliver; Nolte, Theodor; Amann, Johanna; Brent, Lexi; Carle, Georg; Holz, Ralph; Schmidt, Thomas C.; Wählisch, Matthias (2018-10-31). "The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem". Proceedings of the Internet Measurement Conference 2018. Boston MA USA: ACM. pp. 343–349. doi:10.1145/3278532.3278562. ISBN 978-1-4503-5619-0. S2CID 52814744.
  4. "How CT Works : Certificate Transparency". certificate.transparency.dev. Retrieved 2022-02-25.
  5. "Certificate Transparency (CT) Logs". Let's Encrypt. Retrieved 2024-01-04.
  6. "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates" (PDF). CA/B Forum. Retrieved 4 January 2024.
  7. Call, Ashley (2015-06-03). "Certificate Transparency: FAQs | DigiCert Blog". DigiCert. Retrieved 2021-04-13.
  8. O'Brien, Devon (7 February 2018). "Certificate Transparency Enforcement in Google Chrome". Google Groups. Retrieved 18 December 2019.
  9. This applies to certificates issued on or after 15 April 2022. For older certificates, other criteria apply.
  10. "Chrome Certificate Transparency Policy". CertificateTransparency. Retrieved 2022-02-26.
  11. "Certificate Transparency - Web security | MDN". developer.mozilla.org. Retrieved 2022-02-26.
  12. "Apple's Certificate Transparency policy". Apple Support. 5 March 2021. Retrieved 2022-02-26.
  13. "Chrome CT Log Policy". googlechrome.github.io. Retrieved 2021-10-14.
  14. Tomescu, Alin; Bhupatiraju, Vivek; Papadopoulos, Dimitrios; Papamanthou, Charalampos; Triandopoulos, Nikos; Devadas, Srinivas (2019-11-06). "Transparency Logs via Append-Only Authenticated Dictionaries". Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. London United Kingdom: ACM. pp. 1299–1316. doi:10.1145/3319535.3345652. ISBN 978-1-4503-6747-9. S2CID 52034337.
  15. "Scaling CT Logs: Temporal Sharding | DigiCert.com". www.digicert.com. Retrieved 2022-02-26.
  16. "Apple's Certificate Transparency log program". apple.com. 28 January 2019. Retrieved 2021-10-14.
  17. Korzhitskii, Nikita; Carlsson, Niklas (2020). Characterizing the root landscape of Certificate Transparency logs. arXiv:2001.04319.
  18. Bright, Peter (August 30, 2011). "Another fraudulent certificate raises the same old questions about certificate authorities". Ars Technica. Retrieved 2018-02-10.
  19. Laurie, Ben; Langley, Adam; Kasper, Emilia (2012-09-12). "Certificate Transparency (draft-laurie-pki-sunlight)". ietf.org. IETF. Retrieved 2023-05-28.
  20. "Known Logs - Certificate Transparency". certificate-transparency.org. Retrieved 2015-12-31.
  21. "DigiCert Announces Certificate Transparency Support". Dark Reading. 2013-09-24. Retrieved 2018-10-31.
  22. Woodfield, Meggie (December 5, 2014). "Certificate Transparency Required for EV Certificates to Show Green Address Bar in Chrome". DigiCert Blog. DigiCert.
  23. Laurie, Ben (February 4, 2014). "Updated Certificate Transparency + Extended Validation plan". [email protected] (Mailing list). Archived from the original on 2014-03-30.
  24. "Symantec Certificate Transparency (CT) for certificates issued before June 1, 2016". Symantec Knowledge Center. Symantec. June 9, 2016. Archived from the original on October 5, 2016. Retrieved September 22, 2016.
  25. Sleevi, Ryan (October 28, 2015). "Sustaining Digital Certificate Security". Google Security Blog.
  26. Sullivan, Nick (23 March 2018). "Introducing Certificate Transparency and Nimbus". cloudflare.com. Archived from the original on 23 March 2018. Retrieved 9 August 2019.
  27. "Introducing Oak, a Free and Open Certificate Transparency Log - Let's Encrypt". letsencrypt.org. Retrieved 2021-04-13.
  28. "Google CT Policy Update". Google Groups. Retrieved 2022-02-14.
  29. "Apple's Certificate Transparency Policy". support.apple.com. 5 March 2021. Retrieved 2022-02-14.
  30. "Signature Algorithms". Public Notary Transparency. IANA. Retrieved 2023-05-28.
  31. "Monitors : Certificate Transparency". certificate.transparency.dev. Retrieved 2023-03-06.
