Chris Thompson
87b0b449d4
Update log_list.md ( #46 )
...
Cloudflare Nimbus2026 has moved to Qualified, and DigiCert 2024/2025 logs have moved to Usable, so refreshing the log list.
2024-08-30 11:54:05 -07:00
Chris Thompson
95694b2095
Update log_list.md ( #45 )
...
New Sectigo logs transitioned to Qualified (https://groups.google.com/a/chromium.org/g/ct-policy/c/Ml2rpE2Lypo/m/wg3v2UBYAwAJ ), updating the information log list
2024-07-31 10:06:00 -07:00
Joe DeBlasio
65e2d4931c
minor wordsmithing
2024-07-25 10:28:18 -07:00
Joe DeBlasio
c1bcbd6fb8
Remove policy language no longer applicable to any still-valid certificates.
2024-07-25 10:23:35 -07:00
Joe DeBlasio
e83421e329
Update log list
2024-07-25 10:12:40 -07:00
Joe DeBlasio
b759926370
Update log inclusion link to use Buganizer
2024-07-25 10:08:57 -07:00
Chris Thompson
cc113ef3ca
Remove Yeti2024 log now that it is Rejected ( #39 )
...
The DigiCert Yeti2024 log was transitioned from Retired to Rejected (see the announcement to ct-policy@ [1]), so removing it from the informational log list here.
[1]: https://groups.google.com/a/chromium.org/g/ct-policy/c/6mvSoETm9Qk/m/yLapkocjAgAJ
2023-11-30 12:23:18 -08:00
Joe DeBlasio
28c8c6ee9d
remove Rejected logs
2023-06-02 10:51:44 -07:00
Joe DeBlasio
f6c0da9e43
Update log list
2023-02-16 11:27:40 -08:00
Joe DeBlasio
d7e59e39ad
Update remaining references to v3 log list.
...
Fixes https://github.com/GoogleChrome/CertificateTransparency/issues/35
2023-02-16 11:22:04 -08:00
Joe DeBlasio
0133107870
Nimbus2024, Oak 2024H* -> Usable
2022-12-01 11:42:56 -08:00
Joe DeBlasio
97b2400fd9
Update log_list.md
2022-11-23 12:33:22 -08:00
Joe DeBlasio
827e20c9e5
Update log_list.md to qualify Nimbus2024, Oak 2024H*.
2022-09-26 10:27:36 -07:00
devonobrien
81926697a5
Update log_list.md to incorporate changes
2022-09-16 09:26:05 -07:00
devonobrien
59d8bde15a
Merge EKU change to CT Log rejection criteria
...
Discussion and policy decision announced here: https://groups.google.com/a/chromium.org/g/ct-policy/c/b0H8PQ_ssII/m/kUyQ15TrBgAJ
2022-05-31 15:29:50 -07:00
devonobrien
7ac380aea7
Update stale log list table
...
The current log list table was very out of date; updating the Recognized table now with a script that pulls directly from log_list.json and will add formerly recognized logs and links to crbugs in an upcoming change.
2022-05-22 19:38:22 -07:00
devonobrien
e15593e5b5
Removing '1 Google Log' policy and updating SCT requirements ( #33 )
...
* Remove 1 Google Log req and update required SCTs
For certificates issued on-or-after 15 April 2022, the Chrome CT Policy
will:
- Remove the requirement that at least 1 SCT comes from a Google Log
- Add a requirement that SCTs come from at least 2 log operators
- Require 2 SCTs from distinct logs for certs with validities <= 180 days
- Require 3 SCTs from distinct logs for certs with validities > 180
days
Additional clarification was added to CT Enforcement Timeout section to
discuss Component Updater -delivered log lists.
* Clarify Log Operator Diversity
Added language describing how Chrome determines log operator diversity
in the event that a log changes operators.
Co-authored-by: devonobrien <asymmetric@chromium.org>
2022-03-17 17:20:10 -07:00
devonobrien
b99dadfa52
Fix Contributing link in default.html
2021-08-11 14:02:46 -07:00
devonobrien
8431577f16
Update _config.yml
2021-08-11 13:38:23 -07:00
devonobrien
89bafc69c7
Set theme jekyll-theme-minimal
2021-08-11 13:37:39 -07:00
devonobrien
e00b538ffe
Update default.html links for new repo name
2021-08-11 13:36:12 -07:00
devonobrien
5955d28484
Add shortlinks to policy gh-pages to README.md
2021-07-29 15:53:41 -07:00
devonobrien
4fa79451e0
Merge Nov 2020 CT Policy changes to master ( #32 )
...
Merging Nov 2020 CT Policy changes from the branch currently serving the current CT Policy (https://chromium.github.io/ct-policy/ct_policy.html ) that's hosted on `draft-policy-changes-2020q4` now that the previous text has been archived on branch `archived-pre-nov-2020-ct-policy`
Co-authored-by: Andrew Whalley <awhalley@google.com>
2021-07-09 12:55:10 -07:00
devonobrien
004eaa1a94
Update ct_policy.md
2021-02-03 18:03:09 -08:00
devonobrien
262e5115c5
Add newly Qualified Logs to CT Logs table
...
Add Let's Encrypt Oak 2023 and TrustAsia 2020, 2021, 2022, 2023 CT Logs to the list of recognized CT Logs in Chrome.
2020-10-06 13:56:44 -07:00
devonobrien
b5f2beb38e
Mark DigiCert Log Server 2 as Retired ( #27 )
...
Updating the Recognized Logs table to reflect DigiCert Log Server 2 transitioning from Usable to Retired [1].
[1] https://groups.google.com/a/chromium.org/d/msg/ct-policy/f_OpqFEZT9M/BVAft1O9AAAJ
2020-06-03 19:16:59 -07:00
devonobrien
e4bbd99548
Move Venafi Gen2 CT Log to Rejected
...
Update the informational tables in README.md to reflect Venafi Gen2 CT Log transitioning from Read Only to Rejected, per https://groups.google.com/a/chromium.org/d/msg/ct-policy/ltiBZC_9goI/FdkiyxmNBAAJ
2020-05-27 16:11:15 -07:00
devonobrien
9c6bb805a2
Feb 2020 Log List Changes ( #24 )
...
Moving the expired 2019 shards to 'Rejected' and updating recently-'Usable' Logs
2020-02-14 10:41:29 -08:00
devonobrien
f07101cf2d
Mark Chrome 77 Logs as Usable
...
Google Argon2022, Google Argon2023, Google Xenon2023 CT Logs are now Usable.
2019-12-27 17:06:32 -08:00
devonobrien
87124fbb56
Update Qualified Logs Table
...
Logs added in Chrome 76 are now Usable: Cloudflare Nimbus 2022, Cloudflare Nimbus 2023, DigiCert Nessie 2023, DigiCert Yeti 2023.
2019-12-06 21:19:50 -08:00
devonobrien
9a6b380418
Add LE Oak CT Logs to Qualified Logs
...
Updating the informative table to match Chrome's updated Qualified Log List now that LE Oak 2019, 2020, 2021, 2022 have passed compliance monitoring and have been added to Chrome.
2019-10-14 12:28:03 -07:00
sleevi
de247b17e1
Clarify the enforcement dates ( #21 )
...
In https://github.com/chromium/ct-policy/pull/20 , the main README.md was updated to reference the enforcement dates, but this file was overlooked. Align the two and reword the intro for implementers.
2019-09-18 10:47:30 -07:00
devonobrien
34eafda3ec
Fix Xenon2023 URL and name
2019-08-23 13:07:22 -07:00
devonobrien
adf6ad9155
Add Logs Qualified in Chrome 77
...
The following CT Logs are now Qualified:
Google Argon2022
Google Argon2023
Google Xenon2023
2019-08-23 13:04:17 -07:00
devonobrien
c8588e6b9d
Update Recognized Logs Table
...
Adding DigiCert Nessie 2018 to list of No Longer Qualified CT Logs.
2019-07-19 14:42:31 -07:00
devonobrien
d75481c0c3
Update Recognized Logs Tables ( #20 )
...
* Tweak table format to be more readable in browser
* Update tables to reflect recent Log State changes
* Change CT-enforcement language to reflect April 30, 2018 enforcement date
2019-07-18 11:51:37 -07:00
sleevi
c6697f9550
Disqualify the CNNIC CT Log ( #18 )
...
As per https://groups.google.com/a/chromium.org/d/msg/ct-policy/52uigUBvXfQ/dyoW-Fd3CQAJ , disqualification is effective 2018-09-18 00:00:00 UTC.
2018-09-21 14:30:52 -07:00
devonobrien
f5cd30bdd1
Update README.md ( #15 )
...
Update Chromium CT Policy to reflect that DigiCert Yeti Logs were added to Chrome 67
2018-06-02 13:35:37 +02:00
sleevi
915152123a
Update link to log_list source, as it has changed.
2018-05-24 13:34:59 -04:00
devonobrien
225f44be7f
Add Nimbus and Argon to Qualified CT Logs
2018-03-02 13:26:38 -08:00
devonobrien
daf1365a86
Add Policy Version
2018-02-15 15:49:05 -08:00
sleevi
21cb3623c0
Fix editorial nits
...
The footnote regarding the maximum age for EV certificates was originally attached to >27 months, where it logically made sense (as a condition that would never be hit). It was inadvertently brought to <=27 months. This is a purely editorial change.
Similarly, non-Google hyphenation didn't carry over, so correct that.
2018-01-31 19:55:58 -05:00
sleevi
ac8074c9b1
Update log list
2018-01-31 19:48:19 -05:00
devonobrien
491d0fa63a
Merge pull request #9 from devonobrien/master
...
Add Permissible Logging Rejection Criteria to log_policy.md
2017-08-04 15:29:35 -07:00
devonobrien
65940d2dbd
Merge pull request #1 from devonobrien/devonobrien-rejection-criteria
...
Update log_policy.md
2017-08-03 13:05:20 -07:00
devonobrien
3b55998440
Update log_policy.md
...
Fix typos and define cert expiry range variables: [rangeBegin, rangeEnd).
2017-08-01 00:48:05 -07:00
devonobrien
9e5e870618
Update log_policy.md
...
Replace sunset dates with certificate expiry ranges as a permissible logging rejection criterion
2017-07-28 00:56:41 -07:00
devonobrien
6af5b90ccc
Update log_policy.md
...
Add changes to Log Policy that define Permissible Rejection Criteria that a log can use to reject certain types of certificate logging requests.
2017-07-24 23:35:22 -07:00
Ryan Sleevi
49aa27007d
Initial commit
2017-04-18 11:52:29 -04:00