Certificate Transparency Means What, Again?
Summary
Google's Chrome browser will begin enforcing Certificate Transparency (CT) in one year. This means Chrome will verify that websites' SSL/TLS certificates are logged in public CT logs before establishing a connection.
IFF Assessment
Enforcing Certificate Transparency is a positive step for defenders as it helps to ensure the legitimacy of SSL/TLS certificates, making it harder for attackers to impersonate legitimate websites.
Defender Context
Certificate Transparency is a critical mechanism for ensuring the integrity of the public key infrastructure. Defenders should be aware of this upcoming enforcement in Chrome, as it may reveal misconfigurations or potentially malicious activity related to certificate issuance. Monitoring CT logs can provide early warnings of suspicious certificate activity.