TLS Certificate Transparency logs come and go over time

September 9, 2021

TLS Certificate Transparency is a system where browser vendors require TLS Certificate Authorities to publish information about all of their TLS certificates in cryptographically validated logs, which are generally run by third parties. Or you can read the Wikipedia article, which describes it somewhat differently. A crucial ingredient in certificate transparency are CT logs, which need to keep operating properly for this whole thing to work.

Well, except that sometimes things go wrong in CT log operation; for instance, there's been at least one CT log that became corrupt and unusable due to an apparent single bit flip during cryptographic operations (via). In addition to outright problems with logs, people don't like to let their CT logs grow too big, so if you look at one current list of CT logs, you'll see a lot of logs that have dates in their names (and I believe list the time ranges when they'll accept TLS certificates for logging). The log operators may keep these logs available after their end time, but after a while that will only be useful for historical purposes, since no currently valid TLS certificate can be a log that's been closed for long enough.

One clear consequence of this is that if you're looking at Certificate Transparency logs, your list of what logs to look at can't be static in practice. As logs come and go, either on schedule or because something broke, you need to update what you look at in some way, even if it's by rebuilding a hard-coded list in your software. There are various lists of CT logs out on the Internet (eg), which you can use for various purposes if you want. If you just want to search every possible CT log to watch for TLS certificates being issued for domains, you probably can use these lists without oversight and auditing. If you're validating TLS certificates through CT logs, you probably want to be at least a little bit selective and careful about what CT logs you accept.

(Modern public TLS certificates contain embedded information about what CT logs they're logged in, but those don't name URLs as far as I know so you've got to have another source of that information. And you probably don't want to take a random TLS certificate's word for what CT logs you should trust.)

In general, using Certificate Transparency logs seems to be complicated enough that you should probably outsource it to people who do it on a regular basis. I use some third-party software to keep a vague watch for TLS certificates for domains I care about, but I don't actually count on this for any security. If the entire infrastructure stopped working tomorrow, it wouldn't be a big deal.

Written on 09 September 2021.
« The "web" TLS world is different from the non-public one in practice
Some things to reduce background bandwidth usage on a Fedora machine »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Thu Sep 9 23:43:50 2021
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.