How does Certificate Transparance detect fake or forked logs?

First, what stops me from setting up my own log, make the SCT, and never tell Google or anyone else about it?

Nothing.

Can the browser tell if a log is legitimate?

It's left unspecified in the RFC:

TLS clients [...] should validate the SCT by [...] using the corresponding log's public key. Note that this document does not describe how clients obtain the logs' public keys.

(Note: This sentence was removed from section 5.3 the new RFC that's currently in development. I don't know if they replaced it with anything more specific)

But Chrome for example will by default only trust a handful of hard-coded logs:

By default, Chrome will check SCTs coming from a list of predefined CT logs recognized by Chrome.

.

Does the browser or its Auditor component send the SCT to Monitors?
[...] Specifically, how does the browser (Auditor) know which Monitors to talk to?

It depends. As per the Gossip RFC draft this would be the Trusted Auditor Relationship type of gossiping. (Which is 1 of 3 types of gossiping proposed. And all of these mechanisms may be used in parallel.)

And the RFC draft goes on to say that:

The Trusted Auditor Relationship is expected to be the rarest gossip mechanism, as an HTTPS Client is providing an unadulterated report of its browsing history to a third party. While there are valid and common reasons for doing so, there is no appropriate way to enter into this relationship without retrieving informed consent from the user.

So I guess it's gonna be either manually configured or configured to come from some trusted party (browser manufacturer I guess).

Update 2018-01-26Fri.: @__agwa-Blog.

There's a recent blog post on this topic:

  • Andrew Ayer, 2018-01-10, How will Certificate Transparency Logs be Audited in Practice? (Archived here.)

    It's an in depth technical read. The TLDR is this last paragraph here:

    All of this is a ways off. CTv2 is still not standardized. Chrome still doesn't do any SCT auditing, and consequentially its CT policy requires at least one SCT to be from a Google-operated log, since Google obviously trusts its own logs not to break its promises. Fortunately, even without widespread log auditing, Certificate Transparency has been a huge success, cleaning up the certificate authority ecosystem and making everyone more secure. Nevertheless, I think it would be a shame if Certificate Transparency's auditability were never fully realized, and I hope we'll be able to find a way to make it work.

Tags:

Certificate Authority

Certificates

Public Key Infrastructure

Certificate Transparency

Related

TLS_RSA_WITH_3DES_EDE_CBC_SHA reported as 112 bits How exactly does Google Account decide my device or location is "familiar"? What is the purpose of Intermediate Certification Authorities store in Windows? Is there an equivalent of an Apple cryptochip in Android devices? Can I use port 443 without SSL? Decrypting SSL using Wireshark on Linux vs Windows HOW is the malicious URL/payload is delivered to the user on a DOM based XSS attack? Why do email programs block xml files? Is adding a supplementary credit transaction something that could improve online payment security? Is it possible for a vulnerability in one application to be exploited to attack another application on the same server? Is using bcrypt on existing SHA1 hashes good enough when switching password implementation? Password manager in not own device

Recent Posts