Certificate Transparency Breakout Room (Part I)
The breakout session on Certificate Transparency offers a valuable opportunity for members of the ecosystem to come together to brainstorm ways to make CT more robust and address emerging challenges. Industry practitioners as well as those new to the space are welcome to join.
Preliminary Agenda
- Understanding and reducing existing challenges for log operators and other members of the ecosystem, both in an RFC6962 and static-ct-api world.
- Operating a log is expensive, and CT would benefit from a more robust set of operators. How can we make the lives of log operators easier, and the value proposition better?
- Are there additional constituencies who could be better served by CT? What changes could we make that would unlock easier and more effective use of CT data for other members of the log ecosystem?
- Expanding CT to a Post-Quantum age
- The WebPKI PQ cryptography offers a number of significant challenges
- Can’t put two ML-DSA SCTs in a certificate due to size. Maybe tree head signatures are ok with ML-DSA. How do we solve the SCT problem? At what point do we want to start thinking about PQC for CT?
- Additional topics as suggested live from the group, time permitting.
Session Leader:
Joe DeBlasio