Designed to make every site can use HTTPS encryption, non-profit organization Let’s Encrypt released Oak, a Free and Open Certificate Transparency Log. The project was sponsored by Sectigo. Certificate Transparency (CT) is a system for recording and monitoring certificate issuance that helps improve the CA ecosystem and web security and is quickly becoming a critical Internet infrastructure.
Let’s Encrypt decided to create and operate its own CT for several reasons:
First, operating a log is consistent with our mission to create a more secure and privacy-respecting Web. We believe transparency increases security and empowers people to make well-informed decisions.
Second, operating a log helps us take control of our destiny. Google Chrome requires all new certificates to be submitted to two separate logs, so multiple log options are imperative to our operation.
Finally, Let’s Encrypt often issues more than 1M certificates each day, so we wanted to design a CT log that is optimized for high volume. We’ve designed our log to be able to handle submissions from all other publicly trusted Certificate Authorities so they can use Oak to fulfill their logging requirements as well.