Certificate Transparency in Firefox

What Certificate Transparency (CT) Is and How It Works

  • CT is an append-only, tamper-evident public log (a Merkle tree, which several commenters compared to a “git repo”) of certificates issued by publicly trusted CAs; anyone can fetch a log and check both that a given certificate is included and that the log has only ever grown.
  • When a public CA issues a certificate, it submits a “pre-certificate” (the to-be-issued certificate carrying a poison extension that makes it unusable for TLS) to several independent CT logs and receives a Signed Certificate Timestamp (SCT) from each: a signed promise that the log will include the certificate within its maximum merge delay.
  • Browsers require enough valid SCTs from logs they recognize (usually embedded in the certificate itself, otherwise delivered through a TLS extension or a stapled OCSP response) or they reject the certificate.
  • This makes it much harder for a CA—whether compromised, coerced, or negligent—to silently issue a bogus certificate without it being visible in public logs.

Benefits and Enforcement in Firefox

  • Firefox is “catching up” to Chrome and Safari, which have enforced CT for years, by requiring SCTs for certificates that chain to publicly trusted roots in Mozilla’s root store.
  • Regular users rarely see any difference; the main benefit is that a misissued certificate becomes visible to the domain owner and the public, which shortens the window between misissuance and remediation.
  • CT is enforced only for certificates chaining to those public roots; enterprise/private CAs and user-installed roots are exempt, so corporate TLS interception and tools like mitmproxy keep working when they use a custom root.
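What the browser actually has to inspect is the SCT list carried in the certificate. The following added example (not Firefox or Chrome code) parses the RFC 6962 SignedCertificateTimestampList wire format and applies a simple policy of the kind described above. The SCT bytes and the log-id-to-operator table are constructed, the signatures are placeholders (a real client verifies each SCT against the log's public key before counting it), and the thresholds are an approximation of the published Chrome and Mozilla policies that should be checked against the current policy text.

```python
"""Parse an RFC 6962 SignedCertificateTimestampList (the value inside the X.509
SCT extension, OID 1.3.6.1.4.1.11129.2.4.2) and apply a CT policy to it.
Added illustration, not Firefox's or Chrome's code; inputs and thresholds are
constructed/assumed."""
import struct
import time

def _vector(buf: bytes, pos: int, len_bytes: int):
    # TLS-style opaque vector: len_bytes-byte big-endian length, then payload.
    if pos + len_bytes > len(buf):
        raise ValueError("truncated length field")
    n = int.from_bytes(buf[pos:pos + len_bytes], "big")
    pos += len_bytes
    if pos + n > len(buf):
        raise ValueError("truncated vector payload")
    return buf[pos:pos + n], pos + n

def parse_sct(raw: bytes) -> dict:
    # SerializedSCT: version(1) log_id(32) timestamp(8) extensions<2-byte len>
    # followed by a TLS DigitallySigned: hash alg(1) sig alg(1) signature<2-byte len>.
    if len(raw) < 43 or raw[0] != 0:
        raise ValueError("not a v1 SCT")
    log_id = raw[1:33]
    (timestamp_ms,) = struct.unpack(">Q", raw[33:41])
    extensions, pos = _vector(raw, 41, 2)
    if pos + 2 > len(raw):
        raise ValueError("missing signature algorithms")
    hash_alg, sig_alg = raw[pos], raw[pos + 1]
    signature, pos = _vector(raw, pos + 2, 2)
    if pos != len(raw):
        raise ValueError("trailing bytes in SCT")
    return {"log_id": log_id, "timestamp_ms": timestamp_ms, "extensions": extensions,
            "hash_alg": hash_alg, "sig_alg": sig_alg, "signature": signature}

def parse_sct_list(blob: bytes) -> list:
    # SignedCertificateTimestampList: 2-byte length, then 2-byte-length-prefixed SCTs.
    sct_list, end = _vector(blob, 0, 2)
    if end != len(blob):
        raise ValueError("trailing bytes after SCT list")
    pos, scts = 0, []
    while pos < len(sct_list):
        raw, pos = _vector(sct_list, pos, 2)
        scts.append(parse_sct(raw))
    return scts

def build_sct(log_id: bytes, timestamp_ms: int, signature: bytes = b"\x00" * 8) -> bytes:
    # Encoder used only to construct sample input (inverse of parse_sct). The
    # signature is a placeholder; a real client checks it with the log's key.
    body = (b"\x00" + log_id + struct.pack(">Q", timestamp_ms) + b"\x00\x00"
            + bytes([4, 3]) + len(signature).to_bytes(2, "big") + signature)  # sha256, ecdsa
    return len(body).to_bytes(2, "big") + body

def build_sct_list(*scts: bytes) -> bytes:
    inner = b"".join(scts)
    return len(inner).to_bytes(2, "big") + inner

# Assumed table; real clients ship a vetted list of known logs and their operators.
LOG_OPERATORS = {b"\x11" * 32: "Operator A", b"\x22" * 32: "Operator A", b"\x33" * 32: "Operator B"}

def check_ct_policy(blob: bytes, cert_lifetime_days: int, now_ms=None, skew_ms: int = 0):
    """Return (ok, reason). Thresholds (2 SCTs for certificates valid <= 180 days,
    otherwise 3, from at least two distinct operators) approximate the published
    Chrome/Mozilla policies and are an assumption here."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    try:
        scts = parse_sct_list(blob)
    except ValueError as e:
        return False, f"malformed SCT list: {e}"
    usable = []
    for s in scts:
        operator = LOG_OPERATORS.get(s["log_id"])
        if operator is None:
            continue  # an SCT from an unrecognized log counts for nothing
        if s["timestamp_ms"] > now_ms + skew_ms:
            continue  # SCT appears to come from the future: local clock is behind the log
        usable.append(operator)
    needed = 2 if cert_lifetime_days <= 180 else 3
    if len(usable) < needed:
        return False, f"{len(usable)} usable SCT(s), policy needs {needed}"
    if len(set(usable)) < 2:
        return False, "all SCTs come from one log operator"
    return True, f"{len(usable)} SCTs from {len(set(usable))} operators"
```

The future-timestamp check is the place where a client whose clock runs behind the log's will reject a brand-new certificate even though every SCT is genuine, which is why a little tolerance (`skew_ms`) is part of the policy rather than an afterthought. Everything else the policy cares about (how many SCTs, from how many independent operators) can be read straight off the parsed list.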

What Site Operators Can Do with CT

  • Operators are expected to monitor CT logs for unauthorized certs and, if found, report them to the issuing CA and relevant browser root programs.
  • CA/Browser policies (Baseline Requirements, Mozilla root policy) require revocation and incident reporting; repeated failures can get a CA removed from root stores.
  • Several participants promote CT monitors (e.g., Merklemap, crt.sh) used by security teams, infra engineers, and brand protection.
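What “monitor CT logs” looks like in practice, as an added example (not crt.sh's or Mozilla's tooling): triage over records shaped like crt.sh's JSON output, which separates certificates from an issuer the organization never uses (a candidate misissuance to report to the CA and root programs) from certificates issued by the expected CA for hosts nobody registered. The records, the issuer allowlist and the host inventory are constructed; the query URL is the one crt.sh serves at the time of writing.

```python
"""Triage CT-monitor output for our domains. Added illustration, not crt.sh's or
Mozilla's code. Records are constructed in the shape of crt.sh's JSON output
(https://crt.sh/?q=%25.example.com&output=json); allowlist and inventory are assumed."""
import json
from urllib.request import urlopen

# Constructed sample: two rows for one legitimate cert (precert + leaf), one cert
# from a CA we never use, and one from our CA for a host we do not know about.
SAMPLE_CRTSH_JSON = json.dumps([
    {"id": 1, "issuer_ca_id": 183267, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "www.example.com", "name_value": "example.com\nwww.example.com",
     "entry_timestamp": "2024-05-01T10:00:00.000", "not_before": "2024-05-01T09:00:00",
     "not_after": "2024-07-30T09:00:00", "serial_number": "04aa"},
    {"id": 2, "issuer_ca_id": 999999, "issuer_name": "C=XX, O=Unexpected CA Ltd, CN=Unexpected CA",
     "common_name": "vpn.example.com", "name_value": "vpn.example.com",
     "entry_timestamp": "2024-05-02T11:00:00.000", "not_before": "2024-05-02T10:00:00",
     "not_after": "2025-05-02T10:00:00", "serial_number": "0bad"},
    {"id": 3, "issuer_ca_id": 183267, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "staging-db-01.example.com", "name_value": "staging-db-01.example.com",
     "entry_timestamp": "2024-05-03T12:00:00.000", "not_before": "2024-05-03T11:00:00",
     "not_after": "2024-08-01T11:00:00", "serial_number": "0c0c"},
    {"id": 4, "issuer_ca_id": 183267, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "www.example.com", "name_value": "example.com\nwww.example.com",
     "entry_timestamp": "2024-05-01T10:00:05.000", "not_before": "2024-05-01T09:00:00",
     "not_after": "2024-07-30T09:00:00", "serial_number": "04AA"},
])

EXPECTED_ISSUERS = ("O=Let's Encrypt",)  # substrings of issuer_name we authorize (assumption)
INVENTORY = {"example.com", "www.example.com", "vpn.example.com", "*.cdn.example.com"}

def fetch_crtsh(domain: str) -> str:
    # Live query; not used by the offline demo.
    with urlopen(f"https://crt.sh/?q=%25.{domain}&output=json", timeout=30) as resp:
        return resp.read().decode()

def names_in(record: dict) -> list:
    # name_value carries the subject alternative names, newline-separated.
    return sorted({n.strip().lower() for n in record["name_value"].split("\n") if n.strip()})

def in_inventory(name: str) -> bool:
    # A '*' label matches exactly one DNS label, as in a wildcard certificate.
    labels = name.split(".")
    for pattern in INVENTORY:
        p = pattern.split(".")
        if len(p) == len(labels) and all(a == "*" or a == b for a, b in zip(p, labels)):
            return True
    return False

def load_records(crtsh_json: str) -> list:
    # crt.sh lists the precertificate and the final certificate as separate rows;
    # they share issuer and serial, so collapse on that pair.
    seen = {}
    for r in json.loads(crtsh_json):
        seen.setdefault((r["issuer_ca_id"], r["serial_number"].lower()), r)
    return list(seen.values())

def triage(crtsh_json: str, seen_ids=frozenset()) -> list:
    findings = []
    for r in load_records(crtsh_json):
        if r["id"] in seen_ids:
            continue  # already reviewed on an earlier run
        names = names_in(r)
        if not any(tag in r["issuer_name"] for tag in EXPECTED_ISSUERS):
            # Candidate misissuance: report to the issuing CA and the root programs.
            findings.append({"id": r["id"], "severity": "high",
                             "reason": "unexpected issuer: " + r["issuer_name"], "names": names})
            continue
        unknown = [n for n in names if not in_inventory(n)]
        if unknown:
            # Our CA, but a name nobody registered: shadow IT or a leaked internal host.
            findings.append({"id": r["id"], "severity": "medium",
                             "reason": "names not in inventory", "names": unknown})
    return findings
```

Run on the sample, `triage(SAMPLE_CRTSH_JSON)` reports record 2 as high severity and record 3 as medium, and nothing for the legitimate certificate. Persisting the ids already reviewed (`seen_ids`) is what turns a one-off query into a monitor; the same triage applies unchanged to output from Merklemap or any other monitor once mapped onto these fields.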

CT vs CAA, DANE, and DNSSEC

  • CAA restricts which CAs may issue for a domain, but it is checked by the CA at issuance time, so a compromised or careless CA can simply skip it; CT detects misissuance after the fact regardless of who issued. Multiple commenters say they are complementary and both should be used.
  • DANE/TLSA and DNSSEC: debated heavily; critics call DNSSEC a weak or “dead” PKI with poor deployment and governance, and argue CT+WebPKI is more practical and auditable.
  • Some push for combined models (DANE + CT), others argue complexity and limited incremental security gains.

Privacy, Obscurity, and Mapping Infrastructure

  • Concern: CT exposes internal hostnames and makes infrastructure mapping trivial, creating privacy and potential security issues.
  • Counterpoint: relying on obscurity is dangerous; public-facing endpoints are already easily discoverable (e.g., via passive DNS), and CT improves accountability without single points of failure (multiple independent logs).
  • Suggested mitigations: use wildcard certificates (which keep individual hostnames out of the logs, at the cost of one certificate and key covering every host under the name) or a private CA for sensitive internal domains.

Deployment Details and Miscellany

  • Some platform-specific differences were observed (e.g., Debian builds, Android), likely tied to build/config flags and staged rollout.
  • Timing edges: a freshly issued certificate can briefly fail CT checks on a client whose clock is behind, because CAs commonly backdate notBefore to absorb skew while SCT timestamps are not backdated; the SCT can therefore appear to come from the future.
  • A few commenters worry about Firefox’s broader data-collection direction or its reliance on the CT log list that Google maintains for Chrome, seeing this as alignment with Google’s ecosystem.