Podcast Dec 30, 2019

Root Causes 59: What Is Certificate Transparency?

Certificate Transparency (CT) is a recent and important development in the world of SSL certificates. Popular browsers require trusted CAs to log all SSL certificates to publicly available CT Logs. Join our hosts to find out how various parties are using CT Logs to learn about CA behavior and SSL usage patterns and to improve the overall quality of public trust.

  • Original Broadcast Date: December 30, 2019

Episode Transcript

Lightly edited for flow and brevity.

  • Tim Callan

    So, Jay, today, we are going to talk about a thing called certificate transparency.

  • Jason Soroko

    Yes. Specifically, certificate transparency logs.

  • Tim Callan

    Yes. So, certificate transparency is a, what do I want to call it, an industry practice that applies to TLS certificates very specifically and what happens is that anybody who is issuing publicly trusted TLS certificates as part of their browser root store compliance must “log” these certificates, these TLS certificates as they issue them to these things we call CT logs, or certificate transparency logs.

  • Jason Soroko

    Yeah. So, what the heck does that mean?

  • Tim Callan

    So, what it is, is - - so, let's back up, right. What are the benefits of CT? Why do we have certificate transparency to begin with? Well, there used to be a problem in the world of SSL/TLS and arguably there still is and we'll get to that, but it used to be worse, which was that if somebody was out getting certificates that were copycatting your brand name, how would you ever know? So, the basic idea behind a certificate is a certificate certifies, right? It vouches for who I am. So, I own, you know, majorbank.com and I go out and I get certificates on behalf of majorbank.com and if they're DV then they're confirming that the domain is correct and if they're OV or EV, organization validation or extended validation, then they're also confirming the identity that I am Major Bank, and this is the address where I do business and things along those lines. And so, that's great because the certificate is a positive affirmation of identity. But the challenge comes, the scenario comes, if somebody is out there faking my identity and they're doing it independently and separately from me then they can be out there getting certificates for their fake identity and that never crosses my path. So, I, as the owner of the true identity, of the authentic identity, never have a chance to say, no, that certificate is not really for me. That certificate is not legit. Because I don't have any visibility on it. It's going on somewhere else, by somebody else who's faking my identity and I don't see it and I don't know. And at the most basic level that's what certificate transparency is supposed to solve. What CT does is it forces all the public CAs to maintain logs of all of the certificates that they issue. So, now if I own a certain brand - - I own Coca Cola and I want to see everything that everybody's doing with certificates that involves the word Coca Cola, in principle, I can go do searches and I can find all of that stuff.

    And if it turns out that somebody is doing that to do something nefarious or somebody is using those to in some way be deceptive, in principle, I may be able to discover that and do something about it like get the certificates revoked or take some other kind of action. So, you know, at a real basic level, that's the biggest motivator behind certificate transparency.

  • Jason Soroko

    That's well said, Tim. For those of you who are kind of nerds within the security community or especially public trust, I think one of the things that is interesting about these CT logs is that they are essentially one-way hashes. In fact, the CT logs themselves are essentially a Merkle tree. Break it down to what that really, really means: every single record is really not going to be possible to change. Every single issuance of a certificate results in a new hashed record in the CT log that cannot be changed. It's there forever, period. It's just a matter of a tombstone record.

  • Tim Callan

    Yeah.

  • Jason Soroko

    And it just continually grows. It doesn't shrink, it just grows. And so that - - the principle of that was so that we have a full ledger record, you know, not just an operational record, but a ledger of everything that has been issued. So—

  • Tim Callan

    Right.

  • Jason Soroko

    It was a good choice of a Merkle tree to do that.

  • Tim Callan

    So – right. So, for instance, you know, if somebody issues a certificate and then they do a replace and the old certificate is taken out of circulation and it's, you know, revoked and the new certificate starts being used in its place, there still was a period of time when that other certificate was in use or if a certificate exists and then it expires there was a period of time when it was in use. So, what we get with the CT logs and with the permanent record approach is in theory again, in principle, we could look backward, and we could understand the entirety of what's going on. So, it's not just about what certificates are active right now but it's maybe also what certificates were active a year ago currently.

  • Jason Soroko

    That's exactly right. And so, would you like me to try to bring up a potential downside to this? Because everything so far sounds very reasonable, and it sounds like a really good idea. I think the people who own these web properties certainly have a vested interest in this. I think that the browsers certainly have an interest in making sure the certificates that are issued are what are intended and having that publicly available, and I think as a CA, you know, it holds the CAs accountable to, you know, what was issued.

  • Tim Callan

    So, what is this downside that you see?

  • Jason Soroko

    Yeah, so think about - - you don't even have to be a large organization, but you can imagine that this would be of particular interest to a large organization. But if you have a large intranet, for example, or a large internal network that has had publicly trusted certificates issued on behalf of those internal network servers for the purposes of, hey, when I browse to that internal system, I want to have an SSL certificate issued to it. The issue there is you might not want to expose that information. So, if you're, you know, a big company XYZ and you've entrusted a trusted third-party CA to issue a bunch of SSL certificates for your internal organization, those are all going to go into a CT log.

  • Tim Callan

    Yeah.

  • Jason Soroko

    And you might not want that.

  • Tim Callan

    Right, and so there's a few ways - absolutely, that's one of the things that's been brought up and there's a few ways that could be bad. One is just, again, if somebody is seeking to attack your infrastructure, if they can gather all of your certs and inventory them, that helps them map your activities, right. And they can understand things like relative emphasis of different parts of your infrastructure - how you tend to structure and organize things, what the cadence is for obtaining and replacing certificates. There are a lot of things that could be - - that could be systematically teased out of that that help somebody to map their attack on you, again, if they're doing something sophisticated. The other thing, though, is just competitive information, right? So, if I have a very popular product. I have a super popular product and then I want to go out and I want to release a version two of it and somebody goes and obtains a certificate for versiontwolaunch.superpopularproduct.com, right, I may be giving away that information ahead of time. And so, if I want to obtain these certificates and stage things and work on things, and in the process of so doing, everything I do must be publicly transparent, it could interfere with a company's ability to maintain business secrets very legitimately.

  • Jason Soroko

    That's right. So, there are consequences to having a rule that states, you know, every single issuance needs to be put publicly into the CT log. So, yeah, those are some scenarios; perhaps, you know, the listenership here can even think of others. But, on the whole, it's probably not a bad idea and we definitely sponsor CT logs in the industry, Sectigo does, and you know, we believe in it, we participate in it wholeheartedly. You know, it is what it is. It's probably not perfect, but very few good ideas are.

  • Tim Callan

    So yeah, Sectigo participates in a few ways. One of which is that we are of course, a very large public CA and as such, we're issuing lots and lots of TLS certificates and we are logging them. So, that’s way one that we participate.

    Way two that we participate is that we do sponsor Let's Encrypt's CT log. So, Let's Encrypt runs a CT log and Sectigo makes that possible. And so that's another element of how we're involved and we're doing that just because the ecosystem needs it. Like, we need to have CT logs and I should return to this point because it's a good point to return to, but the ecosystem needs CT logs and so we just decided to, you know, pony up and make sure that it did and so this is the way to do that.

    And then the third thing where Sectigo participates is we have a tool called CRT.SH, and CRT.SH is, to my knowledge, the only tool that I'm aware of that aggregates all of the available CT logs into a single tool where you can search and you can find results that look across the various CT logs all together in a single place, and as such CRT.SH is popular among people who are trying to understand what's going on in the world of TLS certificates.

  • Jason Soroko

    Yeah, Tim, that's exactly right. That's Rob Stradling, one of our colleagues, who set that up, but he's a particularly gifted individual who I don't want to make his head too big by saying that, but—

  • Tim Callan

    We should have Rob on sometime.

  • Jason Soroko

    Absolutely. You know what, he would be a great guest on this podcast.

  • Tim Callan

    Yeah, he would be. Let's do that. Now, so you talked, we talked some about the benefits - - the most basic or the original motivating benefit behind CT logs, which was to be able to police your own brand, essentially. I think there are other benefits that come out of CT logging as well, that wouldn't maybe be the primary motivator but are a value. And one of which is it's sort of a quality maintenance activity. So, if CT logs are there it gives browsers and private individuals and CAs the opportunity to look at certificates in a much easier way and try to ensure that they follow the rules, that they're, you know, authenticated correctly, that they're doing other things in the way that they need to be done, and we certainly have seen CT logs used this way, where people have gone through and have used CT logs to identify certs that had compliance errors or things along those lines and bring those to the attention of the CAs and get those certs swapped out. So that's another way that CT logs can be used.

    And another way is for research, right. Is to say, let's understand the trends and let's understand how these certificates are used, right? These certificates are a fundamental part of the fabric of our digital society. Without TLS certificates, you know, we wouldn't be able to use the internet, essentially and so, they're very important. They're very important to all of us. They're important to business. They're important to technologists. They're important sociologically. And to be able to see these certificates in the aggregate and in their entirety absolutely has potential benefits for people understanding how they're used, and how their use reflects on other aspects of our digital lives. So, those are other potential benefits as well, I think we haven't seen that much of the last one but it's there and there's no reason why we couldn't.

  • Jason Soroko

    It's a little difficult because the size of the datasets is quite large and unless you have commercial-level toolsets to be able to handle it, it could be cumbersome. However, I think another - - I'll add to your list, Tim, and this comes under the subset of that last point of research. Looking for perhaps subdomains that look potentially phishing-site related is another area that is of interest, and I've seen some of that research activity on Twitter now and again. So, that's kind of interesting. If you have, as you said, you know, brandname.somethingelse.com, you know, perhaps within 24 hours of that certificate being issued, maybe we're looking at a phishing site. That's a potential.

  • Tim Callan

    Yeah, and that could be the brand name owner or that could be other individuals, right? It wouldn't even have to be the brand name owner who discovered that, and I guess that's one of the other benefits of CT is that it really - - it's transparent it's available to anybody. And so, theoretically, other people could discover these things and surface these things. Now one of the little-known facts of CT that I think is worth clarifying is that certificate transparency, though it is a requirement, is not a CA/Browser Forum requirement. So, we very recently did an episode about the CA/Browser Forum and what it is and how it works, and we talked about the baseline regulations and the EV guidelines and all of that, but CT is not part of any of that. So, CT is entirely a product of browser root stores. It is a browser root store requirement and there are a pair of popular browsers, it's Chrome and Safari, that basically say if you want to participate in our root store, you need to write all of your TLS certs to CT logs and that's important because there isn't really anybody who's going to make public certs available that does not want to be in those two root stores and so that has the de facto effect of making it into an industry requirement, even though it has nothing to do with CA/Browser Forum.

  • Jason Soroko

    Right. Thanks, Tim. I think that for those of you who want to understand the industry, you know, there are some of these things that we do in the public trust world that are not necessarily CA/Browser Forum bound; they are absolutely being, you know, because of the influence of the larger browser community, sometimes those guys get their way and that's - - in this case, I think everybody agreed that it was, you know, it was an idea that needed to be - - to move forward.

  • Tim Callan

    Right, now, let's talk about moving forward. So, you know, lest we say that this is all brightness and sunshine. You already talked about one potential harm that comes from CT logs. I think the other thing that worries me about CT logs is, on the balance, it's a fragile system. There are very few logs, and you could imagine if one or two of these logs went offline because somebody decided it wasn't worth their while to do it anymore, we would actually have a logging crisis. The rules are that you must log your certs to two different logs and there's a small number of logs that can really handle the volume of TLS certs that are being produced today and so they're out there being produced. So like Cloudflare runs one of them, for instance. Cloudflare isn't a CA. Like, you could imagine somebody from Cloudflare getting up in the morning and saying I don't want to have this expense anymore. And if that happened, that log would go away, and we don't have a lot of logs. So that's part of why we decided to, you know, to sponsor a log and add a little more robustness to the system, because right now it's thin and that's one of the things that's worrisome about CT logs. And the other thing, I think, is that we could need a lot, we could do with a lot more tooling. So, we talked about CRT.SH and it's a great, useful tool, but why aren't there other tools? And why aren't there lots of tools? And how come there aren't tools that are very visual and very easy for, you know, any lay person to go in and use? And those things don't exist right now. Like, you've got to be hardcore to study CT logs and I think that there is room for the industry, or for, you know, other outsiders to provide much better visibility into what these logs say.

  • Jason Soroko

    I think that Google also has their own tool as well, but it has some limitations in terms of what you can query on it. Some of the most important queries based off the advantages to CT logs, you perhaps are able to do on CRT.SH or in Google's certificate transparency search tool, but as you say, I don't think it's enough and also, as you say, you've got to be a very deep insider even to be able to interpret what the output of some of these logs is. So, you know, again, it's - - I don't know, we'll see if the industry comes together to push this, but it will definitely be an evolution in terms of where it is today.

  • Tim Callan

    Yeah, I agree. And so, you know, to be clear, I think that CT logs are a net positive in a big way and I think we're better off in the world with them than without them, but there are some potential downsides like you've isolated and also, just in general, I think we need to keep moving this baton forward. I don't think that this is a part of the industry that's really as mature as we all would like it to be.

  • Jason Soroko

    That's right, Tim. Hey, you know, I'm going to connect an idea here just to finish this off.

  • Tim Callan

    Okay.

  • Jason Soroko

    You know, for people who are interested in the arithmetic size of this thing, as we see lifespans of SSL certificates go down, and we podcasted about this not that long ago.

  • Tim Callan

    Right.

  • Jason Soroko

    You can imagine that as the renewal rates of certificates need to grow, the CT logs, which are already horrendously large, which is leading to these limitations Tim just talked about, are only going to get bigger and bigger and bigger. It's, you know, it's not the end of the world, I mean, there's disk space out there, but it certainly is going to make that Merkle tree pretty darn enormous.

  • Tim Callan

    You're absolutely right. If, in a day in the future, as we have speculated, two-year TLS certs become disallowed and everything goes to one-year certs, then the rate at which certs are being logged will probably nearly double, and if the trend toward 90-day automated certs picks up more steam then you will see, you know, the number of certs potentially quadruple, or the number of log entries potentially quadruple from there. So, it could turn out to be a whole lot more records very quickly, even than it is now.

  • Jason Soroko

    Yeah, which as I say, it's not the end of the world, it just means the types of systems that you will require in order to get value out of the CT logs will just get bigger and bigger. Thankfully, you know, the kind of metal that is needed to do that does exist; it's just, as you said earlier, you have to be a bit hardcore to be able to handle it.

  • Tim Callan

    Yep. So, you know, I'm optimistic that the industry is going to rise to the challenge and keep these things working and working correctly but these are some things for all of us to be aware of, as we want to keep the whole thing running.

  • Jason Soroko

    Yeah, that's it, Tim. Interesting subject. In the public trust world it's an important topic and I'm glad we got to cover it in at least one podcast.

  • Tim Callan

    I agree and, as always, thanks for your insights, Jason.

  • Jason Soroko

    Thank you.

  • Tim Callan

    And thank you, listeners, this has been Root Causes.