Google announced this week the introduction of a new Certificate Transparency (CT) log for certificate authorities (CAs) that have been removed from trusted root certificate programs and ones that are in the process of being included.
The goal of the Certificate Transparency project is to provide an open framework for monitoring SSL certificates. CT makes it possible to quickly detect certificates that have been issued by mistake or for malicious purposes, and identify rogue CAs.
Google has now decided to expand CT with logs that track previously trusted CAs and new CAs that are in the process of being included in browser-trusted root programs.
The search giant has pointed out that including these CAs in trusted logs can be problematic due to revocation policies and the possibility of cross-signing attacks. That is why the new log, dubbed “submariner,” is not trusted by Chrome, although it is listed in the Known Logs page and has the same API as existing logs.
For the time being, the new CT log includes the certificates chaining up to the root certificates recently discontinued by Symantec, and certificates that are pending inclusion in Mozilla products.
Recommendations for additional certificates that should be included in the new CT log can be sent to google-ct-logs(at)googlegroups.com.
“Everyone is welcome to make use of the log to submit certificates and query data. We hope it will prove useful and help to improve web security,” Martin Smith, CT software engineer at Google, said in a blog post.
Google announced last week that it started tracking the use of HTTPS on the world’s top 100 websites. The new service also includes a certificate transparency feature that allows users and administrators to check the name of the certificate issuer for a specified website.
Related Reading: Let’s Encrypt Issues More Than 1 Million Digital Certificates
Related Reading: Amazon Offers Free SSL/TLS Certificates

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
Latest News
- Minister: Cybercrimes Now 20% of Spain’s Registered Offenses
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
