\begin{frame} \frametitle{Certificate Transparency (CT) to the resque} \centering \begin{columns} \begin{column}{0.55\textwidth} \begin{itemize} \item Publicly log all certificates \item Clients require proof of logging \item Anyone can inspect the logs \item Goal is to \alert{detect} mis-issuance \end{itemize} \end{column} \begin{column}{0.49\textwidth} \includegraphics[width=\textwidth]{img/ct} \end{column} \end{columns} \vfill \scriptsize{\url{https://www.certificate-transparency.org/what-is-ct}} \end{frame} \begin{frame} \frametitle{Adoption status of CT among common platforms} \begin{columns} \begin{column}{0.33\textwidth} \centering \includegraphics[width=0.75\textwidth]{img/chrome-logo} \\incrementally \end{column} \begin{column}{0.33\textwidth} \centering \includegraphics[width=0.75\textwidth]{img/apple-logo} \\incrementally soon \end{column} \begin{column}{0.33\textwidth} \centering \includegraphics[width=0.75\textwidth]{img/firefox-logo} \\unclear \end{column} \end{columns} \vfill \begin{itemize} \item Clients require at least two promises of log inclusion \item Log is trusted until auditing hits deployment \end{itemize} \end{frame} \begin{frame} \frametitle{Who are the log operators?} \centering \begin{columns} \begin{column}{0.59\textwidth} \begin{itemize} \item Google Chrome includes 27 different CT logs \item Three logs found cheating while auditing (mistakes) \begin{itemize} \item Same key for test and production log (Izenpe) \item Time rollback after power outage (Venafi) \item Invalid promises of log inclusion (Cloudflare) \end{itemize} \end{itemize} \end{column} \begin{column}{0.39\textwidth} \begin{tabular}{c|c} Log operator & Number of logs \\ \toprule DigiCert & 10 \\ Google & 9 \\ Cloudflare & 4 \\ Comodo & 2 \\ CNNIC & 1 \\ Venafi & 1 \\ \bottomrule \end{tabular} \end{column} \end{columns} \end{frame}