Browsers can usually detect malicious websites that are provisioned with forged or fake SSL certificates. However, current cryptographic mechanisms aren’t so good at detecting malicious websites if they’re provisioned with mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) that’s been compromised or gone rogue. In these cases, browsers see nothing wrong with the certificates because the CA appears to be in good standing, giving users the impression that the website they’re visiting is authentic and their connection is secure.
One of the problems is that there is currently no easy or effective way to audit or monitor SSL certificates in real time, so when these missteps happen (malicious or otherwise), the suspect certificates aren’t usually detected and revoked for weeks or even months. What’s more, these types of SSL missteps are occurring with increasing frequency. Over the past few years there have been numerous instances of mis-issued certificates being used to spoof legitimate sites, and, in some case, install malicious software or spy on unsuspecting users.
Certificate Transparency to the Rescue
Certificate Transparency aims to remedy these certificate-based threats by making the issuance and existence of SSL certificates open to scrutiny by domain owners, CAs, and domain users. Specifically, Certificate Transparency has three main goals:
- Make it impossible (or at least very difficult) for a CA to issue a SSL certificate for a domain without the certificate being visible to the owner of that domain.
- Provide an open auditing and monitoring system that lets any domain owner or CA determine whether certificates have been mistakenly or maliciously issued.
- Protect users (as much as possible) from being duped by certificates that were mistakenly or maliciously issued.
Certificate Transparency satisfies these goals by creating an open framework for monitoring the TLS/SSL certificate system and auditing specific TLS/SSL certificates.
To improve trust and security when communicating with secure services, Chromium-derived products, such as Google Chrome, will require certificates presented by servers to be publicly audited using Certificate Transparency. As specified by RFC 6962, Certificate Transparency includes a multi-party protocol for providing cryptographically-verifiable proofs to audit the issuance and security practices of Certificate Authorities.
When implemented, Certificate Transparency helps guard against several types of certificate-based threats, including mis-issued certificates, maliciously acquired certificates, and rogue CAs. These threats can increase financial liabilities for domain owners, tarnish the reputation of legitimate CAs, and expose Internet users to a wide range of attacks such as a website spoofing, server impersonation, and man-in-the-middle attacks.
The Certificate Transparency framework aims to curb these certificate-based threats by bringing public scrutiny and openness to the SSL certificate system. Through its open framework of publicly run monitors and auditors, Certificate Transparency provides several benefits that are lacking or absent in the current SSL certificate system:
Early detection of mis-issued certificates, malicious certificates, and rogue CAs.
In most cases, the Certificate Transparency system can detect suspect certificates or CAs in a few hours instead of a few days, a few weeks, or a few months.
Faster mitigation after suspect certificates or CAs are detected.
Although Certificate Transparency relies on existing mitigation mechanisms to address harmful certificates and CAs--for example, certificate revocation--the shortened detection time will speed up the overall mitigation process when harmful certificates or CAs are discovered.
Better oversight of the entire TLS/SSL system.
Certificate Transparency is founded on an open framework that supports public observation and verification of newly issued and existing TLS/SSL certificates, which gives any interested party the opportunity to observe and verify the health and integrity of the TLS/SSL system--domain owners, CAs, and users alike.