📜
Certificate Transparency (CT)
Encryption
Public append-only logs for TLS certificates enabling monitoring and detection of CA mis-issuance.
Definition
CT requires publicly trusted certificates to be logged and includes signed certificate timestamps (SCTs). Domain owners can monitor logs for unexpected certs.
In plain English
Public append-only logs for TLS certificates enabling monitoring and detection of CA mis-issuance.
Why this matters
Why it matters: Detecting mis-issued certs reduces MITM and impersonation risk.
Example
Example: Monitor CT logs for your domains and investigate unexpected certificate issuance.