Ask HN: Erosion of user privacy with browser CT?

5 points by egberts1 ↗ HN
One thing that is missing in the diagram of the entire Google/Apple Certificate Transparency architecture is the browser performing this CT log hash check.

https://certificate.transparency.dev/howctworks/

What is preventing the further erosion of end-users’ privacy when those massive CT loggers (about 14 of them) start correlating websites with browser’s IP address?

Unlike HPKP, the Chrome/Safari browser surely will be seeking some kind of hash verification (soon) and over DNS too.

And I am not just talking about web owners who are seeking (even-less available) privacy, but now end-users’ privacy.

Is this the end of digital privacy?

references:

- https://datatracker.ietf.org/doc/html/rfc6962

- https://letsencrypt.org/docs/ct-logs/

- https://certificate.transparency.dev/monitors/

- https://datatracker.ietf.org/doc/html/draft-ietf-trans-rfc6962-bis-31#section-5.4

1 comment

[ 2.9 ms ] story [ 27.1 ms ] thread