Hi ct-policy@,
We previously announced that Chrome would change how logs are monitored for compliance with our requirements, and how we define the 99% requirement for availability. This change will take effect on March 31, 2024. Since availability is calculated over a 90 day window, data will start to count towards the new requirement starting January 1st 2024. After this time, Chrome’s requirement for logs will be 99% availability on each endpoint (excluding get-entry-and-proof for now).
As mentioned on the previous email, the new availability values for each endpoint are published in csv format at https://www.gstatic.com/ct/compliance/endpoint_uptime.csv, and the minimum availability values seen for each log are published at https://www.gstatic.com/ct/compliance/min_uptime.csv. The latter is in the same format of the currently published https://www.gstatic.com/ct/compliance/uptime.csv. Once we fully transition, we will stop publishing uptime.csv to avoid confusion and reflect this change in policy.
The current numbers show that several logs across multiple log operators are struggling to stay highly available. This is an important reality to acknowledge about the present CT ecosystem -- logs are not as available or as robust as we'd hope. We invite log operators to work where they can to improve their log availability, and to let us know of any pain points you might have or if there's anything we can do to help.
We will not be taking any action against logs for these pre-existing per-endpoint availability issues, however we will expect that per-endpoint availability does not get worse. New logs from any operator will be expected to meet all availability requirements from the start of the compliance monitoring period.
Please let us know if there are any questions or concerns,
-Carlos, from the Chrome CT team
--
You received this message because you are subscribed to the Google Groups "Certificate Transparency Policy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ct-policy+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/ct-policy/CAABgKfUb6%3Ds7sNx75VJfmQ6YewX25STaXyzzRN3V0nOm33F9dQ%40mail.gmail.com.
--
You received this message because you are subscribed to the Google Groups "Certificate Transparency Policy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ct-policy+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/ct-policy/749a3c41-5f40-4326-899c-48a99556185dn%40chromium.org.