While I don't really understand what's going on with the problem with Testflume that's been reported on the status page for the past month, the "official" word that there's no ETA for resolution makes me want to ask a couple questions that have been on my mind for a bit:
Is Testflume just "down" and not really usable for the foreseeable future? That is, are staging-environment issuances just testing using other Test-CT-logs instead?
Is whatever issue that happened on Testflume the kind of thing that can happen to the real Oak CT logs? That is, did Testflume expose some sort of fragility or something that we should "worry" about happening "for real"?
That said I'd like to thank @jcjones wholeheartedly for removing Testflume from the status page! It was very, very confusing for many members, including letsdebug
The add-*chain endpoints are dead, Jim. Testflume performed its intended functions fantastically. One of the functions it had was to serve as an early warning for the initial generation of public Let's Encrypt CT logs architectural failings.
Besides staging logs, the boulder repository maintains a stub CT log called ct-test-srv that we also run internally. When folks email us asking to add development CA roots, I typically point them at ct-test-srv.
Yes, Testflume performed wonderfully in this regard. Should you or the internet worry though, not in the slightest. There is excess redundancy in the CT ecosystem for logs to fall over.
Moving forward though, I have an internal design document where our team has been weighing the trade-offs for the next architectural upgrade. We have a few possible paths that we can proceed on, but have not yet chosen one.
Edit: When will there be a new log to replace Testflume? It depends on how fast we get our current internal projects finished. We're working on a lot of good things and they will be done when they're done. Not too slow, not too quick.
