Hacker News
- Certificate Transparency http://www.imperialviolet.org/2011/11/29/certtransparency.html 3 comments
- Certificate Transparency: Hacking web applications before they are installed https://www.golem.de/news/certificate-transparency-hacking-web-applications-before-they-are-installed-1707-129172.html 14 comments
- The “Behind The Sofa” Certificate Transparency Log https://filippo.io/behindthesofa/ 12 comments
- Certificate Transparency: Public, verifiable, append-only logs http://queue.acm.org/detail.cfm?id=2668154 2 comments
- Certificate Transparency: Public, verifiable, append-only logs http://queue.acm.org/detail.cfm?id=2668154 8 comments
- Sunlight, a Certificate Transparency log implementation https://letsencrypt.org/2024/03/14/introducing-sunlight.html 43 comments
- Websites Are Failing with ERR_CERTIFICATE_TRANSPARENCY_REQUIRED https://sslmate.com/blog/post/march_2023_ct_blunders 2 comments
- Elizabeth Warren's Website Uses a Foreign TLD. [ ] Certificate Transparency https://sslmate.com/blog/post/elizabeth_warren_and_certificate_transparency 2 comments
- TLS Certificate Transparency logs let us assess Certificate Authorities https://utcc.utoronto.ca/~cks/space/blog/tech/TLSCTLetsUsMeasureCAUsage 15 comments
- Merkle Town: Explore the certificate transparency ecosystem https://ct.cloudflare.com/ 25 comments
- Random bit-flip invalidates certificate transparency log – again? https://groups.google.com/a/chromium.org/g/ct-policy/c/S17_j-WJ6dI 115 comments
- Oak, a Free and Open Certificate Transparency Log https://letsencrypt.org/2019/05/15/introducing-oak-ct-log.html 18 comments
- Certificate transparency logs and how they are a gold mine to bug hunters https://chris408.com/post/certificate-transparency-logs-and-how-they-are-a-gold-mine-to-bug-hunters/ 10 comments
- Bucket Stream: Finding S3 Buckets by watching certificate transparency logs https://github.com/eth0izzle/bucket-stream 48 comments
- Facebook's New Certificate Transparency Monitoring Tool https://www.facebook.com/notes/protect-the-graph/introducing-our-certificate-transparency-monitoring-tool/1811919779048165 2 comments
- Google's Certificate Transparency Search page to be discontinued May 15th, 2022 https://transparencyreport.google.com/https/certificates 42 comments
- Single random bit flip causes error in certificate transparency log https://groups.google.com/a/chromium.org/g/ct-policy/c/PCkKU357M2Q/ 248 comments
- Private key of DigiCert Certificate Transparency log compromised https://www.feistyduck.com/bulletproof-tls-newsletter/issue_65_private_key_of_digicert_certificate_transparency_log_compromised 39 comments
- A Tour Through Merkle Town, Cloudflare's Certificate Transparency Dashboard https://blog.cloudflare.com/a-tour-through-merkle-town-cloudflares-ct-ecosystem-dashboard/ 4 comments
- Show HN: CLI tool to check Certificate Transparency Logs https://github.com/cemulus/crt 2 comments
Lobsters
- The fall of public key pinning and rise of Certificate Transparency https://medium.com/@mattrco/on-guarding-against-certificate-mis-issuance-b968e61baf18 7 comments security
- Trusted timestamping by (ab)using Certificate Transparency Log https://www.reddit.com/r/crypto/comments/8widhw/trusted_timestamping_by_abusing_certificate/ 9 comments crypto
- The Dark Side of Certificate Transparency https://isc.sans.edu/forums/diary/the+dark+side+of+certificate+transparency/21329/ 3 comments crypto
- CertWatcher — Automating Certificate Transparency OSINT with Apps Script https://medium.com/maverislabs/tool-osint-certwatcher-in-apps-script-aa0ded3dc423 4 comments netsec
- Subdomain enumeration using Censys certificate transparency logs https://github.com/christophetd/censys-subdomain-finder 9 comments netsec
- Preparing for AWS Certificate Manager (ACM) Support of Certificate Transparency https://aws.amazon.com/blogs/security/how-to-get-ready-for-certificate-transparency/ 6 comments aws
- Find interesting Amazon S3 Buckets by watching certificate transparency logs https://github.com/eth0izzle/bucket-stream 8 comments aws
- Bucket Stream: Finding S3 Buckets by watching certificate transparency logs https://github.com/eth0izzle/bucket-stream 22 comments netsec
- Mozilla to Support Certificate Transparency in Firefox | Threatpost http://threatpost.com/mozilla-to-support-certificate-transparency-in-firefox/109819 3 comments firefox
- Edge HTTPS Certificate Issue: ERR_CERTIFICATE_TRANSPARENCY_REQUIRED https://www.reddit.com/r/techsupport/comments/in56he/edge_https_certificate_issue_err_certificate/ 3 comments techsupport
- CertStream - Real time streaming updates from the Certificate Transparency network. https://certstream.calidog.io 27 comments netsec
- The fall of public key pinning and rise of Certificate Transparency https://medium.com/@mattrco/on-guarding-against-certificate-mis-issuance-b968e61baf18 25 comments netsec
- Facebook introduced a free Certificate Transparency Monitoring tool https://www.facebook.com/notes/protect-the-graph/introducing-our-certificate-transparency-monitoring-tool/1811919779048165 6 comments netsec
- Exposing Private Domains via Certificate Transparency Logs [tool release] https://chris408.com/post/certificate-transparency-logs-and-how-they-are-a-gold-mine-to-bug-hunters/ 4 comments netsec
- Apple's response to the WoSign incidents: Free SSL intermediate distrusted, whitelist using Certificate Transparency https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/lWJ1zdUJPLI 7 comments sysadmin
- Apple's response to the WoSign incidents: Free SSL intermediate distrusted, whitelist using Certificate Transparency https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/lwj1zdujpli 34 comments netsec
- It's a bit ridiculous IMO that Firefox still doesn't check certificate transparency logs (a security feature that provides protection against wrongly-issued HTTPS certificates) https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency 44 comments linux
- StreamingPhish - Uses Supervised Machine Learning to Detect Phishing Domains from the Certificate Transparency Log Network (Full Sources) https://github.com/wesleyraptor/streamingphish 5 comments netsec
- SSL Decoder – An open-source SSL server test, now with Certificate Transparency https://ssldecoder.org/?rdt=1 4 comments sysadmin
- Apple iOS 9's Security & Privacy Features: 6-digit PIN, native 2FA, MAC randomization, VPN API, LibreSSL, HSTS for apps, Certificate Transparency, and more https://medium.com/@fredericjacobs/apple-ios-9-security-privacy-features-8d82d9da10eb 28 comments apple