Transparency logs only available via https (?)

[Thomas Schwieters]

Hello,

I have just noticed, that some (not google) logs have moved from http to https:

e.g.:

http://mammoth.ct.comodo.com/ct/

http://sabre.ct.comodo.com/

http://ct2.digicert-ct.com/log/

http://ctlog-gen2.api.venafi.com/

Since we use a http proxy to filter the traffic to the transparency log, this change cuases some issues on our site.

With https we either (1) cannot filter the traffic any more or (2) have to break the https connection in the proxy.

Since the information to and from the transparency log is public only, I'm wondering why this change has been done at all.

My question is:

- Is this a generell recommendation for transparency logs to use https? If yes, why?

- Is google also planning to use https instead of http?