Trust Model for CT Logs?

[Vasily Suvorov]

Hi all,

I've been implementing a monitor for "tiled logs" , which is also checking the entries against the merkle tree. One aspect that is not clear to me is whether or not one is supposed to trust the fingerprints of the issuer certificates' chain that are returned by the log.

Shall I, for example, once the entries are parsed and their hashes checked, also retrieve the issuer certificates (using the fingerprints) and then check that they, in fact, build a correct verification chain? 

I feel the real answer is that all checks have to be performed, in order to ensure compliance and integrity. Or is it too impractical? 

I'd appreciate your thoughts!

Best regards,

Vasily

[Philippe Boneff]

Hi Vasily,

Logs are indeed required to serve a valid fingerprint chain and to make the corresponding intermediate certificates available to be compliant. It's always a plus to check for this if you can. In most cases, a failure to present a valid issuer chain shouldn't compromise the integrity of the log because these structures are not hashed.

However, the MerkleTreeLeaf of PreCert entries contains the issuer_key_hash. A wrong value there would compromise the integrity of the tree, so this one should definitely be checked. As a matter of fact, failures because of this have happened before. It also turns out that as of 3 days ago, Precertificate Signing CAs are not allowed to be used anymore, which should make these failures less likely to happen.

Cheers,
Philippe

--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/certificate-transparency/05086b0a-8371-49dd-bb84-35e8ec8a1b0cn%40googlegroups.com.