This repository contains documents related Chromium's Certificate Transparency policies, such as the Certificate Transparency Log Policy.
Their contents can be discussed in the ct-policy@chromium.org forum.
In order to help protect users of the Chromium Projects, CAs are expected to support Certificate Transparency. This allows users, the Chromium Authors, and the public to verifiably audit that CAs are conforming to the policies set out in Chromium's Root Certificate Policy.
Currently, Chromium does not enforce that all Root CAs support Certificate Transparency for all certificates. However, it is required for the certificates issued by some CAs, and in order to have a certificate recognized as an Extended Validation certificate, that such certificates MUST be CT Qualified. For more details, see the Certificate Transparency in Chrome Policy.
In order for a Log to be included within Chromium, it must meet the requirements of the Certificate Transparency Log Policy. The Log Policy describes the steps for Log Operators to submit Logs for inclusion within Chromium.
The following table includes information about the Certificate Transparency Logs that are recognized by Chromium. It includes information about who operates the log, the name the log has been given, and the URL that can be used for logging certificates or inspecting the certificates that have been logged.
Note: The authoritative list is maintained in the Chromium code base. This is merely informational.
| Log Operator | Name | Log URL | Maximum Merge Delay | Included Since | Last Accepted SCT |
|---|---|---|---|---|---|
| Certly | Certly.IO Log | https://log.certly.io | 24 hours | Revision: https://crrev.com/325382 Chrome: 43 |
15 April 2016 00:00:00 UTC. |
| Izenpe | Izenpe Log | https://ct.izenpe.com | 24 hours | Revision: https://crrev.com/326301 Chrome: 44 |
30 May 2016 00:00:00 UTC. |
| Venafi | Venafi CT Log Server | https://ctlog.api.venafi.com/ct/v1 | 24 hours | Revision: https://crrev.com/349170 Chrome: 47 |
Last Accepted SCT: 28 Feb 2017 18:42:26 UTC. |
| WoSign | WoSign Log | https://ctlog.wosign.com/ | 24 hours | Revision: https://crrev.com/414378 Chrome: 54 |
12 Feb 2018 23:59:59 UTC. |
| StartCom | StartCom CT Log | https://ct.startssl.com/ | 24 hours | Revision: https://crrev.com/414440 Chrome: 54 |
12 Feb 2018 23:59:59 UTC. |
| CNNIC | CNNIC CT Log | https://ctserver.cnnic.cn/ | 24 hours | Revision: https://crrev.com/396817 Chrome: 53 |
18 Sep 2018 00:00:00 UTC. |
Chromium Certificate Transparency Policy Version 1.0