Retrying and persisting SCT audit reports

142 views

Skip to first unread message

Chris Thompson

unread,

Oct 29, 2020, 8:12:07 PM10/29/20

to chromium-design-docs

Design doc link: https://docs.google.com/document/d/1YTUzoG6BDF1QIxosaQDp2H5IzYY7_fwH8qNJXSVX8OQ/edit

Summary

SCT Auditing is a new feature to have opted-in clients send a sample of the signed certificate timestamps (SCTs) they encounter to an auditor (for Chrome this is Safe Browsing) in order to monitor and detect misbehaving Certificate Transparency (CT) logs (see our previous public design doc on Opt-in SCT Auditing for more details). Currently, the SCTAuditingCache only does best-effort sending of SCT audit reports to Safe Browsing. We want to extend this to be more resilient to transient failure modes (for long definitions of “transient”), including some adversarial failure modes where a network attacker can block reports. To make sending reports more robust, we plan to (1) change the SCTAuditingCache to retry sending reports over time, and (2) persist pending reports to disk so that retries can span across browser sessions.

Platforms

Mac, Windows, Linux, Chrome OS (we do not currently enforce Certificate Transparency on Android or iOS)

Team

Project lead: cth...@chromium.org

Team TL: est...@chromium.org

Public team list: securit...@chromium.org

Code affected

SCTAuditingCache

Reply all

Reply to author

Forward

0 new messages