How does public log perform internal search?
99 views
Skip to first unread message
Omolola Olamide
Mar 1, 2018, 5:58:51 AM3/1/18
to certificate-transparency
Suppose a client desires to validate a SCT from the Log, How does the log validate and search for the appropriate certificate once it is contacted? Searching a Merkle tree involves going over the leaves one by one. Is this also what the Log does?
Pierre Phaneuf
Mar 1, 2018, 9:19:46 AM3/1/18
to certificate-transparency
Most log implementations use an index of leaf hashes to Merkle tree
index number, to help implement the get-proof-by-hash endpoint
(section 4.5 of RFC 6962).
See this, for example:
https://github.com/google/certificate-transparency/blob/master/cpp/log/log_lookup.cc#L212
> --
> You received this message because you are subscribed to the Google Groups
> "certificate-transparency" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to certificate-transp...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/certificate-transparency/1aacc1a9-0a92-4841-a8d8-fc88c222ce4c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
index number, to help implement the get-proof-by-hash endpoint
(section 4.5 of RFC 6962).
See this, for example:
https://github.com/google/certificate-transparency/blob/master/cpp/log/log_lookup.cc#L212
> You received this message because you are subscribed to the Google Groups
> "certificate-transparency" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to certificate-transp...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/certificate-transparency/1aacc1a9-0a92-4841-a8d8-fc88c222ce4c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Omolola Olamide
Mar 6, 2018, 4:20:43 PM3/6/18
to certificate-transparency
Thank you so much. I have been searching for this
On Thursday, March 1, 2018 at 3:19:46 PM UTC+1, Pierre Phaneuf wrote:
Most log implementations use an index of leaf hashes to Merkle tree
index number, to help implement the get-proof-by-hash endpoint
(section 4.5 of RFC 6962).
See this, for example:
https://github.com/google/certificate-transparency/blob/master/cpp/log/log_lookup.cc#L212
On Thu, Mar 1, 2018 at 10:56 AM, Omolola Olamide
<omolola...@gmail.com> wrote:
> Suppose a client desires to validate a SCT from the Log, How does the log
> validate and search for the appropriate certificate once it is contacted?
> Searching a Merkle tree involves going over the leaves one by one. Is this
> also what the Log does?
>
> --
> You received this message because you are subscribed to the Google Groups
> "certificate-transparency" group.
> To unsubscribe from this group and stop receiving emails from it, send an
Reply all
Reply to author
Forward
0 new messages