←back to thread

Running a Certificate Transparency log

(words.filippo.io)
160 points Metalnem | 1 comments | 07 Jul 25 20:36 UTC | HN request time: 0.435s | source
Show context
torbid ◴[07 Jul 25 21:38 UTC] No.44494933[source]
These sound like good improvements but I still don't really get why the ct log server is responsible for storage at all (as a 3rd party entity)..

Couldn't it just be responsible for its own key and signing incremental advances to a log that all publishers are responsible for storing up to their latest submission to it?

If it needed to restart and some last publisher couldn't give it its latest entries, well they would deserve that rollback to the last publish from a good publisher..

replies(2): >>44495039 #>>44495074 #
michaelt ◴[07 Jul 25 21:51 UTC] No.44495039[source]
The point of CT logging is to ensure a person can ask "What certificates were issued for example.com?" or "What certificates were issued by Example CA?" and get an answer that's correct - even if the website or CA fucked up or got hacked and certificates are in the hands of people who've tried to cover their tracks.

This requires the logs be held by independent parties, and retained forever.

replies(1): >>44495066 #
torbid ◴[07 Jul 25 21:55 UTC] No.44495066[source]
I understand that. But..

If 12 CAs send to the same log and all have to save up to their latest entry not to be declared incompetent to be CAs, how would all 12 possibly do a worse job of providing that log on demand than a random 3rd party who has no particular investment at risk?

(Every other CA in a log is a 3rd party with respect to any other, but they are one who can actually be told to keep something indefinitely because they would also need to return it for legitimizing their own issuance.)

replies(1): >>44495424 #
michaelt ◴[07 Jul 25 22:57 UTC] No.44495424[source]
As far as I know, CAs don't have to "save up to their latest entry"

The info they get back from the CT log may be a Merkle Hash that partly depends on the other entries in the log - but they don't have to store the entire log, just a short checksum.

replies(1): >>44495778 #
1. torbid ◴[08 Jul 25 00:06 UTC] No.44495778[source]
Right and this is what I am saying is backwards with the protocol. It is not in anyone's best interest that some random 3rd party takes responsibility to preserve data for CAs indefinitely to prove things. The CA should identify where it has its copy in the extension and looking at one CAs copy one would find every other CAs copy of the same CT log.