This is part four of the Certificate Transparency series. See also previous parts: Part 1: Certificate Transparency 101 Part 2: Certificate Transparency Info Leaks Part 3: Certificate Transparency as Communication Channel Introduction Described here is a way to leverage the infrastructure used to store SBOM (Software Bill of Materials) certificates in order to distribute messages via the sigstore database. ...
This is part three of the Certificate Transparency series. Introduction Described here is a way to leverage the infrastructure used to validate certificates in order to distribute messages through the Certificate Transparency Logs. ...
This is part two of the Certificate Transparency series. Crtificate Transparency logs are leaking valuable information about companies due to either unfamiliarity or obliviousness from companies’ IT or DevOps teams. ...
This is part one of the Certificate Transparency series. Certificate Transparency (CT) is a public, append-only logging system for TLS certificates. It was created to make certificate issuance observable so that mis-issuance can be detected quickly and independently. Instead of relying only on trust, CT lets anyone audit which certificates were issued for a domain and when they appeared in a public log. ...