Discover and read the best of Twitter Threads about #CertificateTransparency

Most recents (2)

I've got trust issues. We all do. Some infosec pros go so far as to say #TrustNoOne, a philosophy more formally known as #ZeroTrust, that holds that certain elements of your security should *never* be delegated to *any* third party. 1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2022/11/09/inf… 2/
The problem is, it's trust all the way down. Say you maintain your own cryptographic keys on your own device. How do you know the software you use to store those keys is trustworthy? Well, maybe you audit the source-code and compile it yourself. 3/
Read 69 tweets
If your website's SSL certificate was issued in 2020, it may have stopped working in Chrome today (with the error NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED). Fix is to get a new certificate from your CA.

Use this tool to check if your site is affected: sslmate.com/labs/ct_policy…
Background: Chrome requires all certificates to be published in at least one active (non-retired) #CertificateTransparency log. For various reasons, logs are occasionally shut down/retired. If every log that a certificate is logged to is retired, the cert stops working. 2/n
Many non-Google logs have been retired over the years, but until recently Chrome required that certs also be logged to a Google-operated log. Thus, retiring a log never caused certs to break: you could always count on the cert to be in an active Google log. Until yesterday. 3/n
Read 9 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!