New Google CT log for expired certificates: Daedalus

[Rob Percival]

The Certificate Transparency team at Google are happy to announce the launch of a new log, Daedalus. It is intended to be a repository for old certificates, and as such will only accept certificates that are expired at the time of submission. It has a Maximum Merge Delay (MMD) of 7 days to accommodate bulk submissions.

We request that certificates be submitted to Daedalus rather than our other logs whenever possible, e.g. when archiving large numbers of expired certificates.

It is accessible at https://ct.googleapis.com/daedalus and its details are listed on our known logs page. Daedalus has the same API and trusted root certificates as our Pilot and Rocketeer logs. The only distinctions are the longer MMD and that non-expired certificates (i.e. those with a “notAfter” date in the future) will be refused with a HTTP 400 “Bad Request” response. Google will not be applying for inclusion of Daedalus in Chrome.