Add ctlog landing page
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
62
content/ctlog.md
Normal file
62
content/ctlog.md
Normal file
@@ -0,0 +1,62 @@
|
||||
---
|
||||
title: 'Certificate Transparency'
|
||||
date: 2025-07-30
|
||||
url: /s/ct
|
||||
---
|
||||
|
||||
Certificate Transparency logs are "append-only" and publicly-auditable ledgers of certificates being
|
||||
created, updated, and expired. This is the homepage for IPng Networks' Certificate Transparency
|
||||
project.
|
||||
|
||||
Certificate Transparency [[CT](https://certificate.transparency.dev)] is a system for logging and
|
||||
monitoring certificate issuance. It greatly enhances everyone’s ability to monitor and study
|
||||
certificate issuance, and these capabilities have led to numerous improvements to the CA ecosystem
|
||||
and Web security. As a result, it is rapidly becoming critical Internet infrastructure. Originally
|
||||
developed by Google, the concept is now being adopted by many _Certification Authories_ who log
|
||||
their certificates, and professional _Monitoring_ companies who observe the certificates and
|
||||
report anomalies.
|
||||
|
||||
IPng Networks runs our logs under the domain `ct.ipng.ch`, split into a `*.log.ct.ipng.ch` for the
|
||||
write-path, and `*.mon.ct.ipng.ch` for the read-path.
|
||||
|
||||
We are submitting our log for inclusion in the approved log lists for Google Chrome and Apple
|
||||
Safari. Following 90 days of successful monitoring, we anticipate our log will be added to these
|
||||
trusted lists and that change will propagate to people’s browsers with subsequent browser version
|
||||
releases.
|
||||
|
||||
We operate two popular implementations of Static Certificate Transparency software.
|
||||
|
||||
## Sunlight
|
||||
|
||||
[[Sunlight](https://sunlight.dev)] was designed by Filippo Valsorda for the needs of the WebPKI
|
||||
community, through the feedback of many of its members, and in particular of the Sigsum, Google
|
||||
TrustFabric, and ISRG teams. It is partially based on the Go Checksum Database. Sunlight's
|
||||
development was sponsored by Let's Encrypt.
|
||||
|
||||
Our Sunlight logs:
|
||||
* A staging log called [[Rennet](https://rennet2025h2.log.ct.ipng.ch/)], incepted 2025-07-28,
|
||||
starting from temporal shard `rennet2025h2`.
|
||||
* A production log called [[Gouda](https://gouda2025h2.log.ct.ipng.ch/)], incepted 2025-07-30,
|
||||
starting from temporal shard `gouda2025h2`.
|
||||
|
||||
## TesseraCT
|
||||
|
||||
[[TesseraCT](https://github.com/transparency-dev/tesseract)] is a Certificate Transparency (CT) log
|
||||
implementation by the TrustFabric team at Google. It was built to allow log operators to run
|
||||
production static-ct-api CT logs starting with temporal shards covering 2026 onwards, as the
|
||||
successor to Trillian's CTFE.
|
||||
|
||||
Our TesseraCT logs:
|
||||
* A staging log called **Lipase**.
|
||||
* A production log called **Halloumi**.
|
||||
|
||||
## Operational Details
|
||||
|
||||
You can read more details about our infrastructure on:
|
||||
* **[[TesseraCT]({{< ref 2025-07-26-ctlog-1 >}})]**, published on 2025-07-26.
|
||||
* **Sunlight** (todo)
|
||||
* **Operational Notes** (todo)
|
||||
|
||||
The operators of this infrastructure are **Antonis Chariton**, **Jeroen Massar** and **Pim van Pelt**. \
|
||||
You can reach us via e-mail at [[<ct-ops@ipng.ch>](mailto:ct-ops@ipng.ch)].
|
||||
|
||||
Reference in New Issue
Block a user