This article may be too technical for most readers to understand. Please help improve it to make it understandable to non-experts, without removing the technical details.(August 2023) (Learn how and when to remove this message)
Certificate Transparency (CT) is an Internet security standard for monitoring and auditing the issuance of digital certificates.[1] When an internet user interacts with a website, a trusted third party is needed to assure the user that the website is legitimate and that the website's encryption key is valid. This third party, called a certificate authority (CA), will issue a certificate for the website that the user can validate. The security of encrypted internet traffic (HTTPS) depends on the trust that certificates are only given out by the certificate authority and that the certificate authority has not been compromised.
Certificate Transparency makes public all issued certificates, giving website owners and auditors the ability to detect and expose inappropriately issued certificates.
Work on Certificate Transparency first began in 2011 after the certificate authority DigiNotar became compromised and started issuing malicious certificates. Google Engineers submitted a draft to the Internet Engineering Task Force (IETF) in 2012. This effort resulted in IETF RFC 9162, a standard defining a system of public logs to record all certificates issued by publicly trusted certificate authorities, allowing efficient identification of mistakenly or maliciously issued certificates.[2]
^Certificate Transparency Version 2.0. December 2021. doi:10.17487/RFC9162. RFC 9162.
^Solomon, Ben (8 August 2019). "Introducing Certificate Transparency Monitoring". Cloudflare. Archived from the original on 8 August 2019. Retrieved 9 August 2019. Ah, Certificate Transparency (CT). CT solves the problem I just described by making all certificates public and easy to audit. When CAs issue certificates, they must submit certificates to at least two "public logs." This means that collectively, the logs carry important data about all trusted certificates on the Internet.
and 24 Related for: Certificate Transparency information
CertificateTransparency (CT) is an Internet security standard for monitoring and auditing the issuance of digital certificates. When an internet user...
a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies...
in publicly trusted certificate authorities, and accelerated work on various security mechanisms, including CertificateTransparency to track mis-issuance...
frequent certificate issuance typically requires automation (e.g., the ACME protocol) and may stress other infrastructural elements (e.g., transparency logs)...
attacker. Certificate authority compromise CertificateTransparency HTTP Strict Transport Security List of HTTP header fields DNS Certification Authority...
system; Zeronet; the Bitcoin and Ethereum peer-to-peer networks; the CertificateTransparency framework; the Nix package manager and descendants like GNU Guix;...
Inner Detector in the ATLAS experiment Signed Certificate Timestamps, a part of CertificateTransparency Systems-centered therapy, a type of psychotherapy...
Ct, a SIMD multithreading programming model developed by Intel CertificateTransparency, in network security CT Value, in drinking water disinfection Threshold...
authentication certificates as a means to increase transparency in this market. There are different types of website authentication certificates, which is...
anti-encryption program run by the U.S. National Security Agency Certificate authority CertificateTransparency Delegated credential HTTP Strict Transport Security...
allowing browser vendors to continue to use mechanisms such as certificatetransparency to maintain browser security. Database information has to be linked...
Object Module (certificate #1747), OpenSSL FIPS Object Module SE (certificate #2398), and OpenSSL FIPS Object Module RE (certificate #2473). Many 'private...
laboratory since 2010 CTL Corporation, manufacturer of Chromebooks CertificateTransparency Logs Computation tree logic Control key, a computer keyboard key...
Langley received the Levchin Prize “for creating and deploying CertificateTransparency at scale””. "Ben Laurie". Archived from the original on 2005-10-25...
forced not to kill the canary), as is binary transparency (applying the idea of certificatetransparency to binary executable files), which he describes...
original on 27 February 2019. Retrieved 24 May 2020. "Anti-Censorship & Transparency - Roger Dingledine". YouTube. Archived from the original on 22 December...
used in CRLite, a proposed certificate revocation status distribution mechanism for the Web PKI, and CertificateTransparency is exploited to close the...
efficient Anonymous Credentials” 2024 Al Cutter, Emilia Käsper, Adam Langley, and Ben Laurie “For creating and deploying CertificateTransparency at scale”...
A Certificate of Origin or Declaration of Origin (often abbreviated to C/O, CO or DOO) is a document widely used in international trade transactions which...