About Certificate Transparency
Certificate Transparency is a system for publicly logging digital certificates. Domain owners can monitor Certificate Transparency logs to discover certificates for their domains. Certificate Transparency helps you detect authorized but undocumented certificates as well as unauthorized certificates that were issued due to a security compromise. Armed with this information, you can assess the security impact and take appropriate action, such as revoking the bad certificates and remediating the underlying security or policy failure.
Certificate Transparency logs are designed to resist malfeasance. Logs use an append-only and auditable cryptographic structure called a Merkle Tree, which is similar to the Bitcoin blockchain, to ensure that once a certificate is logged, it can never be removed. To keep logs honest, independent auditors continuously monitor logs to ensure they are behaving correctly.
Certificate Transparency was launched by Google in 2013 to solve the trust problems with the Web's PKI. It is currently being standardized by the IETF. Learn more at certificate.transparency.dev
Coverage
Since Google Chrome only accepts certificates issued after April 2018 if they are included in at least two Certificate Transparency logs, most certificates issued after April 2018 are automatically logged by the certificate authority and can be detected by Cert Spotter.
In addition, security researchers and automated Internet scanners can submit certificates that they discover to Certificate Transparency, so logs contain many certificates that weren't submitted directly by the certificate authority.
Monitoring Logs
Certificate Transparency logs provide a simple public API to retrieve certificates and audit the log for correct operation. However, the API is primitive: it is only possible to retrieve certificates by their position in the log. To discover all certificates for a domain, one must download every single log entry from every log server, and parse each one.
This is where Cert Spotter comes in. Cert Spotter monitors logs for you. We download, process, and index every certificate from every known log. You can retrieve certificates by domain name using a simple JSON API, or subscribe to notifications of new certificates. You receive an email whenever a certificate is detected, and you can review all detected certificates from a web dashboard.
Cert Spotter is also available as an open source program if you don't mind setting it up yourself.
Robustness
Cert Spotter assumes an adversarial model in which an attacker produces a certificate that is accepted by at least some clients but goes undetected because of an encoding error that prevents CT monitors from understanding it. To defend against this attack, Cert Spotter uses a special certificate parser that keeps the certificate unparsed except for the identifiers. If one of the identifiers matches a domain on your watchlist, you will be notified, even if other parts of the certificate are unparsable.
Cert Spotter takes special precautions to ensure identifiers are parsed correctly, and implements defenses against identifier-based attacks. For instance, if a DNS identifier contains a null byte, Cert Spotter interprets it as two identifiers: the complete identifier, and the identifier formed by truncating at the first null byte. For example, a certificate for example.org\0.example.com will alert the owners of both example.org and example.com. This defends against the null prefix attack discovered by Moxie Marlinspike.
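The null-byte handling described above, as an added Go example that is not Cert Spotter's own code: each raw DNS identifier yields the complete value plus the prefix before the first null byte, and every resulting identifier is checked against a watchlist. The function names and the matching rule (exact match or subdomain of a watched domain) are assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
)

// dnsIdentifiers returns the identifiers a raw DNS SAN value is checked
// against: the complete value and, if it contains a null byte, the value
// truncated at the first null byte (what a C-string based client would see).
func dnsIdentifiers(raw []byte) []string {
	ids := []string{string(raw)}
	if i := bytes.IndexByte(raw, 0); i != -1 {
		ids = append(ids, string(raw[:i]))
	}
	return ids
}

// matchesWatchlist reports the first watched domain that the identifier
// equals or is a subdomain of. Comparison is case-insensitive and ignores
// a trailing dot. (Assumed matching rule, not Cert Spotter's exact logic.)
func matchesWatchlist(identifier string, watchlist []string) (string, bool) {
	id := strings.ToLower(strings.TrimSuffix(identifier, "."))
	for _, w := range watchlist {
		w = strings.ToLower(strings.TrimSuffix(w, "."))
		if id == w || strings.HasSuffix(id, "."+w) {
			return w, true
		}
	}
	return "", false
}

// alertsFor returns the watched domains whose owners should be notified
// about one raw DNS identifier, in watchlist order, without duplicates.
func alertsFor(raw []byte, watchlist []string) []string {
	seen := map[string]bool{}
	var alerts []string
	for _, id := range dnsIdentifiers(raw) {
		if w, ok := matchesWatchlist(id, watchlist); ok && !seen[w] {
			seen[w] = true
			alerts = append(alerts, w)
		}
	}
	return alerts
}

func main() {
	// Constructed SAN value mirroring the page's example.
	raw := []byte("example.org\x00.example.com")
	fmt.Println(alertsFor(raw, []string{"example.com", "example.org"}))
}
```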
Cert Spotter is not just a log monitor, but also a log auditor which checks that the log is obeying its append-only property.