|
|
|
|
|
|
by phasmantistes
820 days ago
|
|
|
I'm super excited about Sunlight. The CT ecosystem is really fragile right now, with current log implemetations being expensive to operate and very difficult to operate correctly, as evidenced by the recent failures of multiple logs[1][2]. And if too many logs fall over, it becomes infeasible to include the requisite number of SCTs in certificates, or worse, already-issued certificates can become effectively untrusted. With Sunlight reducing costs by a couple orders or magnitude and significantly easing deployment complexity, it will be a huge boon to the whole ecosystem. I really hope log monitors begin crawling sunlight logs and browsers accept them as trusted in the near future. [1]: https://groups.google.com/a/chromium.org/g/ct-policy/c/6mvSo... [2]: https://groups.google.com/a/chromium.org/g/ct-policy/c/_dhkS... |
|
|
[2]: a database server had its disk full that lead to a corrupted database
SRE is tough.