GithubHelp home page GithubHelp logo

ct-policy's Introduction

Chromium Certificate Transparency Policy

This repository contains documents related Chromium's Certificate Transparency policies, such as the Certificate Transparency Log Policy.

Their contents can be discussed in the [email protected] forum.

For Certificate Authorities

In order to help protect users of the Chromium Projects, CAs are expected to support Certificate Transparency. This allows users, the Chromium Authors, and the public to verifiably audit that CAs are conforming to the policies set out in Chromium's Root Certificate Policy.

Chromium requires all publicly-trusted TLS certificates issued after April 30, 2018 to support CT as described in the Certificate Transparency in Chrome Policy. Extended Validation (EV) TLS certificates issued before this date are also required to support CT in order to be recognized as an EV certificate in Chromium.

For Log Operators

In order for a Log to be included within Chromium, it must meet the requirements of the Certificate Transparency Log Policy. The Log Policy describes the steps for Log Operators to submit Logs for inclusion within Chromium.

Recognized Logs

The following table includes information about the Certificate Transparency Logs that are recognized by Chromium. It includes information about who operates the log, the name the log has been given, and the URL that can be used for logging certificates or inspecting the certificates that have been logged.

Note: The authoritative list is maintained in the Chromium code base. This is merely informational.

Qualified Logs

Log Operator Log Name Log URL MMD Qualified In Current State
Google Google 'Aviator' Log https://ct.googleapis.com/aviator 24 hours Chrome 35 Read Only
Google Google 'Pilot' Log https://ct.googleapis.com/pilot/ 24 hours Chrome 35 Usable
DigiCert DigiCert's Certificate Transparency log https://ct1.digicert-ct.com/log/ 24 hours Chrome 41 Usable
Google Google 'Rocketeer' Log https://ct.googleapis.com/rocketeer 24 hours Chrome 43 Usable
Google Google 'Icarus' Log https://ct.googleapis.com/icarus/ 24 hours Chrome 55 Usable
Google Google 'Skydiver' Log https://ct.googleapis.com/skydiver/ 24 hours Chrome 55 Usable
Sectigo Sectigo 'Mammoth' Log https://mammoth.ct.comodo.com/ 24 hours Chrome 60 Usable
Sectigo Sectigo 'Sabre' Log https://sabre.ct.comodo.com/ 24 hours Chrome 60 Usable
Cloudflare Cloudflare 'Nimbus2020' Log https://ct.cloudflare.com/logs/nimbus2020/ 24 hours Chrome 65 Usable
Cloudflare Cloudflare 'Nimbus2021' Log https://ct.cloudflare.com/logs/nimbus2021/ 24 hours Chrome 65 Usable
Google Google 'Argon2020' Log https://ct.googleapis.com/logs/argon2020/ 24 hours Chrome 65 Usable
Google Google 'Argon2021' Log https://ct.googleapis.com/logs/argon2021/ 24 hours Chrome 65 Usable
DigiCert DigiCert 'Yeti2020' Log https://yeti2020.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Yeti2021' Log https://yeti2021.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Yeti2022' Log https://yeti2022.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Nessie2020' Log https://nessie2020.ct.digicert.com/log/ 24 hours Chrome 72 Usable
DigiCert DigiCert 'Nessie2021' Log https://nessie2021.ct.digicert.com/log/ 24 hours Chrome 72 Usable
DigiCert DigiCert 'Nessie2022' Log https://nessie2022.ct.digicert.com/log/ 24 hours Chrome 72 Usable
Google Google 'Xenon2020' Log https://ct.googleapis.com/logs/xenon2020/ 24 hours Chrome 73 Usable
Google Google 'Xenon2021' Log https://ct.googleapis.com/logs/xenon2021/ 24 hours Chrome 73 Usable
Google Google 'Xenon2022' Log https://ct.googleapis.com/logs/xenon2022/ 24 hours Chrome 73 Usable
Cloudflare Cloudflare 'Nimbus2022' Log https://ct.cloudflare.com/logs/nimbus2022/ 24 hours Chrome 76 Usable
Cloudflare Cloudflare 'Nimbus2023' Log https://ct.cloudflare.com/logs/nimbus2023/ 24 hours Chrome 76 Usable
DigiCert DigiCert 'Nessie2023' Log https://nessie2023.ct.digicert.com/log/ 24 hours Chrome 76 Usable
DigiCert DigiCert 'Yeti2023' Log https://yeti2023.ct.digicert.com/log/ 24 hours Chrome 76 Usable
Google Google 'Xenon2023' Log https://ct.googleapis.com/logs/xenon2023/ 24 hours Chrome 77 Usable
Google Google 'Argon2022' Log https://ct.googleapis.com/logs/argon2022/ 24 hours Chrome 77 Usable
Google Google 'Argon2023' Log https://ct.googleapis.com/logs/argon2023/ 24 hours Chrome 77 Usable
Let's Encrypt Let's Encrypt 'Oak2020' Log https://oak.ct.letsencrypt.org/2020/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2021' Log https://oak.ct.letsencrypt.org/2021/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2022' Log https://oak.ct.letsencrypt.org/2022/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2023' Log https://oak.ct.letsencrypt.org/2023/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2020' https://ct.trustasia.com/log2020/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2021' https://ct.trustasia.com/log2021/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2022' https://ct.trustasia.com/log2022/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2023' https://ct.trustasia.com/log2023/ 24 hours Chrome 87 Qualified

Once, but no longer, Qualified Logs

Log Operator Name Log URL MMD Qualified In Last Accepted SCT
Certly Certly.IO Log https://log.certly.io 24 hours Chrome 43 15 April 2016 00:00:00 UTC.
Izenpe Izenpe Log https://ct.izenpe.com 24 hours Chrome 44 30 May 2016 00:00:00 UTC.
Venafi Venafi CT Log Server https://ctlog.api.venafi.com/ct/v1 24 hours Chrome 47 28 Feb 2017 18:42:26 UTC.
WoSign WoSign Log https://ctlog.wosign.com/ 24 hours Chrome 54 12 Feb 2018 23:59:59 UTC.
StartCom StartCom CT Log https://ct.startssl.com/ 24 hours Chrome 54 12 Feb 2018 23:59:59 UTC.
CNNIC CNNIC CT Log https://ctserver.cnnic.cn/ 24 hours Chrome 53 18 Sep 2018 00:00:00 UTC.
DigiCert Symantec Log https://ct.ws.symantec.com 24 hours Chrome 45 16 Feb 2019 00:00:00 UTC.
DigiCert Symantec 'Vega' Log https://vega.ws.symantec.com/ 24 hours Chrome 50 16 Feb 2019 00:00:00 UTC.
DigiCert Symantec 'Sirius' Log https://sirius.ws.symantec.com/ 24 hours Chrome 60 16 Feb 2019 00:00:00 UTC.
Google Google 'Argon2018' Log https://ct.googleapis.com/logs/argon2018/ 24 hours Chrome 65 Rejected - Shard Expired
Cloudflare Cloudflare 'Nimbus2018' Log https://ct.cloudflare.com/logs/nimbus2018/ 24 hours Chrome 65 Rejected - Shard Expired
DigiCert DigiCert 'Yeti2018' Log https://yeti2018.ct.digicert.com/log/ 24 hours Chrome 67 Rejected - Shard Expired
DigiCert DigiCert 'Nessie2018' Log https://nessie2018.ct.digicert.com/log/ 24 hours Chrome 72 Rejected - Shard Expired
Cloudflare Cloudflare 'Nimbus2019' Log https://ct.cloudflare.com/logs/nimbus2019/ 24 hours Chrome 65 Rejected - Shard Expired
DigiCert DigiCert 'Yeti2019' Log https://yeti2019.ct.digicert.com/log/ 24 hours Chrome 67 Rejected - Shard Expired
DigiCert DigiCert 'Nessie2019' Log https://nessie2019.ct.digicert.com/log/ 24 hours Chrome 72 Rejected - Shard Expired
Google Google 'Argon2019' Log https://ct.googleapis.com/logs/argon2019/ 24 hours Chrome 65 Rejected - Shard Expired
Google Google 'Xenon2019' Log https://ct.googleapis.com/logs/xenon2019/ 24 hours Chrome 73 Rejected - Shard Expired
Let's Encrypt Let's Encrypt 'Oak2019' Log https://oak.ct.letsencrypt.org/2019/ 24 hours Chrome 78 Rejected - Shard Expired
Venafi Venafi Gen2 CT log https://ctlog-gen2.api.venafi.com/ 24 hours Chrome 59 Rejected - All Certs Expired
DigiCert DigiCert Log Server 2 https://ct2.digicert-ct.com/log/ 24 hours Chrome 60 04 May 2020 00:00:40 UTC

Policy Version

Chromium Certificate Transparency Policy Version 1.0

ct-policy's People

Contributors

devonobrien avatar sleevi avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.