←back to thread

Running a Certificate Transparency log

(words.filippo.io)
160 points Metalnem | 1 comments | 07 Jul 25 20:36 UTC | HN request time: 0.204s | source
Show context
torbid ◴[07 Jul 25 21:38 UTC] No.44494933[source]
These sound like good improvements but I still don't really get why the ct log server is responsible for storage at all (as a 3rd party entity)..

Couldn't it just be responsible for its own key and signing incremental advances to a log that all publishers are responsible for storing up to their latest submission to it?

If it needed to restart and some last publisher couldn't give it its latest entries, well they would deserve that rollback to the last publish from a good publisher..

replies(2): >>44495039 #>>44495074 #
singron ◴[07 Jul 25 21:56 UTC] No.44495074[source]
The publishers can't entirely do the storage themselves since the whole point of CT is that they can't retract anything. If they did their own storage, they could rollback any change. Even if the log forms a verification chain, they could do a rollback shortly after issuing a certificate without arousing too much suspicion.

Maybe there is an acceptable way to shift long-term storage to CAs while using CT verifiers only for short term storage? E.g. they keep track of their last 30 days of signatures for a CA, which can then get cross-verified by other verifiers in that timeframe.

The storage requirements don't seem that bad though and it might not be worth any reduced redundancy and increased complexity for a different storage scheme. E.g. what keeps me from doing this is the >1Gbps and >1 pager requirements.

replies(2): >>44495110 #>>44500860 #
1. torbid ◴[07 Jul 25 22:04 UTC] No.44495110[source]
If CAs have to share CTs and have to save everything the CT would save to their last submission then no CA can destroy the log without colluding with other CAs.

(I.e. your log ends abruptly but polling any other CA that published to the same CT shows there is more including reasons to shut you down.)

I don't see how a scheme where the CT signer has this responsibility makes any sense. If they stop operating because they are sick of it, all the CAs involved have a somewhat suspicious looking CT history on things already issued that has to be explained instead of having always had the responsibility to provide the history up to anything they have signed whether or not some CT goes away.