Since the dawn of time (well, Web PKI) certificates have been used to ensure that internet users are actually talking to the websites they think they are. Since civilisation began (well, the mid-90s) Certificate Authorities have been trusted to Do The Right Thing™ when issuing these certificates, and watch out for baddies trying to get their hands on certificates for domains they don’t own. But what if a CA makes issuance mistakes? What if a CA is hacked? What if a CA is run by the baddies themselves?! Who watches the watchers?
Enter Certificate Transparency.
Certificate Transparency is the latest internet security superhero. Power: detecting certificate misissuance and certificate authority misbehaviour (oooh yeah).
But seriously, capes and undies-over-skin-tight-lycra aside, what exactly is Certificate Transparency? How does it work? Why should you care? Is it even helping? Come along to this talk and find out!