I submitted a certificate to Let's Encrypt CT Log.
I followed the tutorial: Certificate Transparency (CT) Logs - Let's Encrypt I downloaded the certificate from a website, and submitted to the CT Log. I got the response: {"sct_version":0,"id":"PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4=","timestamp":1717361805115,"extensions":"","signature":"BAMARzBFAiEA6wmVqmUluap4zKFh8QL2Gk+r60w7dyvNG7KvB1VcxccCIDmMdr6S09rWQzx+9WrACy8Wp3mZBrOo0+rlQL3LtarJ"}%
The public information of the Log:
Name: Oak 2024h2
URI: https://oak.ct.letsencrypt.org/2024h2
Public Key: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE13PWU0fp88nVfBbC1o9wZfryUTapE4Av7fmU01qL6E8zz8PTidRfWmaJuiAfccvKu5+f81wtHqOBWa+Ss20waA==
Log ID: 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Window Start: 2024-06-20T00:00Z
Window End: 2025-01-20T00:00Z State: Usable
At the end of the tutorial, it mentioned that I can use the signature field to verify that the certificate was submitted to a log. I want to know what is the detailed process. What data does the signature signed on?
Yeah, I think if you want example references of looking at CT logs the best bet might be Google's client libraries.
It looks like it has an sctcheck command-line utility that might be the kind of thing you're looking for, or at least point you in the right direction.
Thank you, that's very helpful. Can I also ask if I can actually submit a website's certificate (www.amazon.com in this case) that I don't own, and still verify the signature? According to the document, that would make me a "TLS Client" and I'm able to "validate the SCT by computing the signature input from the SCT data as well as the certificate and verifying the signature". Can you give me more information on "computing the signature input from the SCT data as well as the certificate?"
In order to provide more relevant information, can you tell me what you're attempting to do?
It is somewhat unusual to submit a certificate to a log for a website you don't own.
A TLS client usually gets an SCT from inside a certificate, and validates them against a list of logs and public keys. That doesn't involve submitting to the log.
You can, but I don't know why you would want to. There might be a security researcher somewhere or the like who could find an "interesting" certificate somewhere somehow, and submit it to a log so that it's "published" and available for the entire security community to look at. It's quite intentional that one can submit certificates that don't "belong" to oneself in any way.
But it's not clear to be why someone doing that would want to check SCTs, other than maybe just as an extra confirmation in their submission script that in fact the certificates they were submitting actually did receive the promise to get included in the logs as expected. The SCTs I think are mainly for the precertificates, so that CAs can demonstrate their commitment that they're in fact publishing every publicly-trusted certificate that their keys are signing.
So yeah, what exactly is your goal, other than just learning about the CT ecosystem? (Which is a good goal!)
I'm new to the field and I'm just trying to learn how to verify an SCT signature, without creating a website. I don't know what is the "data" (a binary encoding or JSON response) that SCT signature signs on? I just curious about the process. The tutorial says I can verify that the certificate was submitted to a log.
Section 3.2 covers the structure of the SCT. It is a binary structure described in the RFC, using notation shared with TLS - see Section 1.2 of the RFC for a reference.