87b0b449d4
Update log_list.md ( #46 )
...
Cloudflare Nimbus2026 has moved to Qualified, and DigiCert 2024/2025 logs have moved to Usable, so refreshing the log list.
2024-08-30 11:54:05 -07:00
95694b2095
Update log_list.md ( #45 )
...
New Sectigo logs transitioned to Qualified (https://groups.google.com/a/chromium.org/g/ct-policy/c/Ml2rpE2Lypo/m/wg3v2UBYAwAJ ), updating the information log list
2024-07-31 10:06:00 -07:00
65e2d4931c
minor wordsmithing
2024-07-25 10:28:18 -07:00
c1bcbd6fb8
Remove policy language no longer applicable to any still-valid certificates.
2024-07-25 10:23:35 -07:00
e83421e329
Update log list
2024-07-25 10:12:40 -07:00
b759926370
Update log inclusion link to use Buganizer
2024-07-25 10:08:57 -07:00
cc113ef3ca
Remove Yeti2024 log now that it is Rejected ( #39 )
...
The DigiCert Yeti2024 log was transitioned from Retired to Rejected (see the announcement to ct-policy@ [1]), so removing it from the informational log list here.
[1]: https://groups.google.com/a/chromium.org/g/ct-policy/c/6mvSoETm9Qk/m/yLapkocjAgAJ
2023-11-30 12:23:18 -08:00
28c8c6ee9d
remove Rejected logs
2023-06-02 10:51:44 -07:00
f6c0da9e43
Update log list
2023-02-16 11:27:40 -08:00
d7e59e39ad
Update remaining references to v3 log list.
...
Fixes https://github.com/GoogleChrome/CertificateTransparency/issues/35
2023-02-16 11:22:04 -08:00
0133107870
Nimbus2024, Oak 2024H* -> Usable
2022-12-01 11:42:56 -08:00
97b2400fd9
Update log_list.md
2022-11-23 12:33:22 -08:00
827e20c9e5
Update log_list.md to qualify Nimbus2024, Oak 2024H*.
2022-09-26 10:27:36 -07:00
81926697a5
Update log_list.md to incorporate changes
2022-09-16 09:26:05 -07:00
59d8bde15a
Merge EKU change to CT Log rejection criteria
...
Discussion and policy decision announced here: https://groups.google.com/a/chromium.org/g/ct-policy/c/b0H8PQ_ssII/m/kUyQ15TrBgAJ
2022-05-31 15:29:50 -07:00
7ac380aea7
Update stale log list table
...
The current log list table was very out of date; updating the Recognized table now with a script that pulls directly from log_list.json and will add formerly recognized logs and links to crbugs in an upcoming change.
2022-05-22 19:38:22 -07:00
e15593e5b5
Removing '1 Google Log' policy and updating SCT requirements ( #33 )
...
* Remove 1 Google Log req and update required SCTs
For certificates issued on-or-after 15 April 2022, the Chrome CT Policy
will:
- Remove the requirement that at least 1 SCT comes from a Google Log
- Add a requirement that SCTs come from at least 2 log operators
- Require 2 SCTs from distinct logs for certs with validities <= 180 days
- Require 3 SCTs from distinct logs for certs with validities > 180
days
Additional clarification was added to CT Enforcement Timeout section to
discuss Component Updater -delivered log lists.
* Clarify Log Operator Diversity
Added language describing how Chrome determines log operator diversity
in the event that a log changes operators.
Co-authored-by: devonobrien <asymmetric@chromium.org>
2022-03-17 17:20:10 -07:00
b99dadfa52
Fix Contributing link in default.html
2021-08-11 14:02:46 -07:00
8431577f16
Update _config.yml
2021-08-11 13:38:23 -07:00
89bafc69c7
Set theme jekyll-theme-minimal
2021-08-11 13:37:39 -07:00
e00b538ffe
Update default.html links for new repo name
2021-08-11 13:36:12 -07:00
5955d28484
Add shortlinks to policy gh-pages to README.md
2021-07-29 15:53:41 -07:00
4fa79451e0
Merge Nov 2020 CT Policy changes to master ( #32 )
...
Merging Nov 2020 CT Policy changes from the branch currently serving the current CT Policy (https://chromium.github.io/ct-policy/ct_policy.html ) that's hosted on `draft-policy-changes-2020q4` now that the previous text has been archived on branch `archived-pre-nov-2020-ct-policy`
Co-authored-by: Andrew Whalley <awhalley@google.com>
2021-07-09 12:55:10 -07:00
004eaa1a94
Update ct_policy.md
2021-02-03 18:03:09 -08:00
262e5115c5
Add newly Qualified Logs to CT Logs table
...
Add Let's Encrypt Oak 2023 and TrustAsia 2020, 2021, 2022, 2023 CT Logs to the list of recognized CT Logs in Chrome.
2020-10-06 13:56:44 -07:00
b5f2beb38e
Mark DigiCert Log Server 2 as Retired ( #27 )
...
Updating the Recognized Logs table to reflect DigiCert Log Server 2 transitioning from Usable to Retired [1].
[1] https://groups.google.com/a/chromium.org/d/msg/ct-policy/f_OpqFEZT9M/BVAft1O9AAAJ
2020-06-03 19:16:59 -07:00
e4bbd99548
Move Venafi Gen2 CT Log to Rejected
...
Update the informational tables in README.md to reflect Venafi Gen2 CT Log transitioning from Read Only to Rejected, per https://groups.google.com/a/chromium.org/d/msg/ct-policy/ltiBZC_9goI/FdkiyxmNBAAJ
2020-05-27 16:11:15 -07:00
9c6bb805a2
Feb 2020 Log List Changes ( #24 )
...
Moving the expired 2019 shards to 'Rejected' and updating recently-'Usable' Logs
2020-02-14 10:41:29 -08:00
f07101cf2d
Mark Chrome 77 Logs as Usable
...
Google Argon2022, Google Argon2023, Google Xenon2023 CT Logs are now Usable.
2019-12-27 17:06:32 -08:00
87124fbb56
Update Qualified Logs Table
...
Logs added in Chrome 76 are now Usable: Cloudflare Nimbus 2022, Cloudflare Nimbus 2023, DigiCert Nessie 2023, DigiCert Yeti 2023.
2019-12-06 21:19:50 -08:00
9a6b380418
Add LE Oak CT Logs to Qualified Logs
...
Updating the informative table to match Chrome's updated Qualified Log List now that LE Oak 2019, 2020, 2021, 2022 have passed compliance monitoring and have been added to Chrome.
2019-10-14 12:28:03 -07:00
de247b17e1
Clarify the enforcement dates ( #21 )
...
In https://github.com/chromium/ct-policy/pull/20 , the main README.md was updated to reference the enforcement dates, but this file was overlooked. Align the two and reword the intro for implementers.
2019-09-18 10:47:30 -07:00
34eafda3ec
Fix Xenon2023 URL and name
2019-08-23 13:07:22 -07:00
adf6ad9155
Add Logs Qualified in Chrome 77
...
The following CT Logs are now Qualified:
Google Argon2022
Google Argon2023
Google Xenon2023
2019-08-23 13:04:17 -07:00
c8588e6b9d
Update Recognized Logs Table
...
Adding DigiCert Nessie 2018 to list of No Longer Qualified CT Logs.
2019-07-19 14:42:31 -07:00
d75481c0c3
Update Recognized Logs Tables ( #20 )
...
* Tweak table format to be more readable in browser
* Update tables to reflect recent Log State changes
* Change CT-enforcement language to reflect April 30, 2018 enforcement date
2019-07-18 11:51:37 -07:00
c6697f9550
Disqualify the CNNIC CT Log ( #18 )
...
As per https://groups.google.com/a/chromium.org/d/msg/ct-policy/52uigUBvXfQ/dyoW-Fd3CQAJ , disqualification is effective 2018-09-18 00:00:00 UTC.
2018-09-21 14:30:52 -07:00
f5cd30bdd1
Update README.md ( #15 )
...
Update Chromium CT Policy to reflect that DigiCert Yeti Logs were added to Chrome 67
2018-06-02 13:35:37 +02:00
915152123a
Update link to log_list source, as it has changed.
2018-05-24 13:34:59 -04:00
225f44be7f
Add Nimbus and Argon to Qualified CT Logs
2018-03-02 13:26:38 -08:00
daf1365a86
Add Policy Version
2018-02-15 15:49:05 -08:00
21cb3623c0
Fix editorial nits
...
The footnote regarding the maximum age for EV certificates was originally attached to >27 months, where it logically made sense (as a condition that would never be hit). It was inadvertently brought to <=27 months. This is a purely editorial change.
Similarly, non-Google hyphenation didn't carry over, so correct that.
2018-01-31 19:55:58 -05:00
ac8074c9b1
Update log list
2018-01-31 19:48:19 -05:00
491d0fa63a
Merge pull request #9 from devonobrien/master
...
Add Permissible Logging Rejection Criteria to log_policy.md
2017-08-04 15:29:35 -07:00
65940d2dbd
Merge pull request #1 from devonobrien/devonobrien-rejection-criteria
...
Update log_policy.md
2017-08-03 13:05:20 -07:00
3b55998440
Update log_policy.md
...
Fix typos and define cert expiry range variables: [rangeBegin, rangeEnd).
2017-08-01 00:48:05 -07:00
9e5e870618
Update log_policy.md
...
Replace sunset dates with certificate expiry ranges as a permissible logging rejection criterion
2017-07-28 00:56:41 -07:00
6af5b90ccc
Update log_policy.md
...
Add changes to Log Policy that define Permissible Rejection Criteria that a log can use to reject certain types of certificate logging requests.
2017-07-24 23:35:22 -07:00
49aa27007d
Initial commit
2017-04-18 11:52:29 -04:00
Chris Thompson
Joe DeBlasio
Chris Thompson
devonobrien
sleevi
Ryan Sleevi