Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.

README.md

Chromium Certificate Transparency Policy

This repository contains documents related Chromium's Certificate Transparency policies, such as the Certificate Transparency Log Policy.

Their contents can be discussed in the ct-policy@chromium.org forum.

For Certificate Authorities

In order to help protect users of the Chromium Projects, CAs are expected to support Certificate Transparency. This allows users, the Chromium Authors, and the public to verifiably audit that CAs are conforming to the policies set out in Chromium's Root Certificate Policy.

Chromium requires all publicly-trusted TLS certificates issued after April 30, 2018 to support CT as described in the Certificate Transparency in Chrome Policy. Extended Validation (EV) TLS certificates issued before this date are also required to support CT in order to be recognized as an EV certificate in Chromium.

For Log Operators

In order for a Log to be included within Chromium, it must meet the requirements of the Certificate Transparency Log Policy. The Log Policy describes the steps for Log Operators to submit Logs for inclusion within Chromium.

Recognized Logs

The following table includes information about the Certificate Transparency Logs that are recognized by Chromium. It includes information about who operates the log, the name the log has been given, and the URL that can be used for logging certificates or inspecting the certificates that have been logged.

Note: The authoritative list is maintained in the Chromium code base. This is merely informational.

Qualified Logs

Log Operator Log Name Log URL MMD Qualified In Current State
Google Google 'Aviator' Log https://ct.googleapis.com/aviator 24 hours Chrome 35 Read Only
Google Google 'Pilot' Log https://ct.googleapis.com/pilot/ 24 hours Chrome 35 Usable
DigiCert DigiCert's Certificate Transparency log https://ct1.digicert-ct.com/log/ 24 hours Chrome 41 Usable
Google Google 'Rocketeer' Log https://ct.googleapis.com/rocketeer 24 hours Chrome 43 Usable
Google Google 'Icarus' Log https://ct.googleapis.com/icarus/ 24 hours Chrome 55 Usable
Google Google 'Skydiver' Log https://ct.googleapis.com/skydiver/ 24 hours Chrome 55 Usable
Sectigo Sectigo 'Mammoth' Log https://mammoth.ct.comodo.com/ 24 hours Chrome 60 Usable
Sectigo Sectigo 'Sabre' Log https://sabre.ct.comodo.com/ 24 hours Chrome 60 Usable
Cloudflare Cloudflare 'Nimbus2020' Log https://ct.cloudflare.com/logs/nimbus2020/ 24 hours Chrome 65 Usable
Cloudflare Cloudflare 'Nimbus2021' Log https://ct.cloudflare.com/logs/nimbus2021/ 24 hours Chrome 65 Usable
Google Google 'Argon2020' Log https://ct.googleapis.com/logs/argon2020/ 24 hours Chrome 65 Usable
Google Google 'Argon2021' Log https://ct.googleapis.com/logs/argon2021/ 24 hours Chrome 65 Usable
DigiCert DigiCert 'Yeti2020' Log https://yeti2020.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Yeti2021' Log https://yeti2021.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Yeti2022' Log https://yeti2022.ct.digicert.com/log/ 24 hours Chrome 67 Usable
DigiCert DigiCert 'Nessie2020' Log https://nessie2020.ct.digicert.com/log/ 24 hours Chrome 72 Usable
DigiCert DigiCert 'Nessie2021' Log https://nessie2021.ct.digicert.com/log/ 24 hours Chrome 72 Usable
DigiCert DigiCert 'Nessie2022' Log https://nessie2022.ct.digicert.com/log/ 24 hours Chrome 72 Usable
Google Google 'Xenon2020' Log https://ct.googleapis.com/logs/xenon2020/ 24 hours Chrome 73 Usable
Google Google 'Xenon2021' Log https://ct.googleapis.com/logs/xenon2021/ 24 hours Chrome 73 Usable
Google Google 'Xenon2022' Log https://ct.googleapis.com/logs/xenon2022/ 24 hours Chrome 73 Usable
Cloudflare Cloudflare 'Nimbus2022' Log https://ct.cloudflare.com/logs/nimbus2022/ 24 hours Chrome 76 Usable
Cloudflare Cloudflare 'Nimbus2023' Log https://ct.cloudflare.com/logs/nimbus2023/ 24 hours Chrome 76 Usable
DigiCert DigiCert 'Nessie2023' Log https://nessie2023.ct.digicert.com/log/ 24 hours Chrome 76 Usable
DigiCert DigiCert 'Yeti2023' Log https://yeti2023.ct.digicert.com/log/ 24 hours Chrome 76 Usable
Google Google 'Xenon2023' Log https://ct.googleapis.com/logs/xenon2023/ 24 hours Chrome 77 Usable
Google Google 'Argon2022' Log https://ct.googleapis.com/logs/argon2022/ 24 hours Chrome 77 Usable
Google Google 'Argon2023' Log https://ct.googleapis.com/logs/argon2023/ 24 hours Chrome 77 Usable
Let's Encrypt Let's Encrypt 'Oak2020' Log https://oak.ct.letsencrypt.org/2020/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2021' Log https://oak.ct.letsencrypt.org/2021/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2022' Log https://oak.ct.letsencrypt.org/2022/ 24 hours Chrome 78 Usable
Let's Encrypt Let's Encrypt 'Oak2023' Log https://oak.ct.letsencrypt.org/2023/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2020' https://ct.trustasia.com/log2020/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2021' https://ct.trustasia.com/log2021/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2022' https://ct.trustasia.com/log2022/ 24 hours Chrome 87 Qualified
TrustAsia TrustAsia 'Log2023' https://ct.trustasia.com/log2023/ 24 hours Chrome 87 Qualified

Once, but no longer, Qualified Logs

Log Operator Name Log URL MMD Qualified In Last Accepted SCT
Certly Certly.IO Log https://log.certly.io 24 hours Chrome 43 15 April 2016 00:00:00 UTC.
Izenpe Izenpe Log https://ct.izenpe.com 24 hours Chrome 44 30 May 2016 00:00:00 UTC.
Venafi Venafi CT Log Server https://ctlog.api.venafi.com/ct/v1 24 hours Chrome 47 28 Feb 2017 18:42:26 UTC.
WoSign WoSign Log https://ctlog.wosign.com/ 24 hours Chrome 54 12 Feb 2018 23:59:59 UTC.
StartCom StartCom CT Log https://ct.startssl.com/ 24 hours Chrome 54 12 Feb 2018 23:59:59 UTC.
CNNIC CNNIC CT Log https://ctserver.cnnic.cn/ 24 hours Chrome 53 18 Sep 2018 00:00:00 UTC.
DigiCert Symantec Log https://ct.ws.symantec.com 24 hours Chrome 45 16 Feb 2019 00:00:00 UTC.
DigiCert Symantec 'Vega' Log https://vega.ws.symantec.com/ 24 hours Chrome 50 16 Feb 2019 00:00:00 UTC.
DigiCert Symantec 'Sirius' Log https://sirius.ws.symantec.com/ 24 hours Chrome 60 16 Feb 2019 00:00:00 UTC.
Google Google 'Argon2018' Log https://ct.googleapis.com/logs/argon2018/ 24 hours Chrome 65 Rejected - Shard Expired
Cloudflare Cloudflare 'Nimbus2018' Log https://ct.cloudflare.com/logs/nimbus2018/ 24 hours Chrome 65 Rejected - Shard Expired
DigiCert DigiCert 'Yeti2018' Log https://yeti2018.ct.digicert.com/log/ 24 hours Chrome 67 Rejected - Shard Expired
DigiCert DigiCert 'Nessie2018' Log https://nessie2018.ct.digicert.com/log/ 24 hours Chrome 72 Rejected - Shard Expired
Cloudflare Cloudflare 'Nimbus2019' Log https://ct.cloudflare.com/logs/nimbus2019/ 24 hours Chrome 65 Rejected - Shard Expired
DigiCert DigiCert 'Yeti2019' Log https://yeti2019.ct.digicert.com/log/ 24 hours Chrome 67 Rejected - Shard Expired
DigiCert DigiCert 'Nessie2019' Log https://nessie2019.ct.digicert.com/log/ 24 hours Chrome 72 Rejected - Shard Expired
Google Google 'Argon2019' Log https://ct.googleapis.com/logs/argon2019/ 24 hours Chrome 65 Rejected - Shard Expired
Google Google 'Xenon2019' Log https://ct.googleapis.com/logs/xenon2019/ 24 hours Chrome 73 Rejected - Shard Expired
Let's Encrypt Let's Encrypt 'Oak2019' Log https://oak.ct.letsencrypt.org/2019/ 24 hours Chrome 78 Rejected - Shard Expired
Venafi Venafi Gen2 CT log https://ctlog-gen2.api.venafi.com/ 24 hours Chrome 59 Rejected - All Certs Expired
DigiCert DigiCert Log Server 2 https://ct2.digicert-ct.com/log/ 24 hours Chrome 60 04 May 2020 00:00:40 UTC

Policy Version

Chromium Certificate Transparency Policy Version 1.0

About

No description, website, or topics provided.

Resources

License

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.