First, Graham Edgecombe and I have set up public sth-pollination endpoints
as defined in draft-ietf-trans-gossip-00:

https://certspotter.com/.well-known/ct/v1/sth-pollination
https://ct.grahamedgecombe.com/.well-known/ct/v1/sth-pollination

Our monitors are using these endpoints to exchange STHs twice an hour.

We're using the -00 draft instead of -04 because -00 was the last draft
to use v1 STHs. As I mentioned previously, I think it would be good
to add v1 support back to the Gossip document, if it's not too late to
do so. v1 logs will be with us for some time and the ecosystem would
benefit from STH pollination.

Second, I've written a lightweight program called "ct-honeybee" which
queries public logs and uploads their latest STHs to my and Graham's
sth-pollination endpoints:

https://github.com/SSLMate/ct-honeybee/

My hope is for a diverse set of people to run ct-honeybee from various
vantage points to increase the likelihood of detecting split log views.

Let me know if you have any questions. Also, consider running
ct-honeybee! :-)

Regards,
Andrew
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
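
Added example (not part of the message above and not code from ct-honeybee): once STHs gathered from different vantage points have been pooled, a monitor can test any two STHs of the same log for a split view by requesting a consistency proof from the log and verifying it. The sketch below implements the RFC 6962 Merkle tree hash and consistency proof, with the verification loop following the algorithm published in RFC 9162; function names and sample entries are hypothetical, and STH signatures are assumed to have been verified already.

```python
import hashlib

def sha(data):
    return hashlib.sha256(data).digest()

def mth(leaves):  # Merkle Tree Hash, RFC 6962 section 2.1
    n = len(leaves)
    if n <= 1:
        return sha(b"\x00" + leaves[0]) if n else sha(b"")
    k = 1 << ((n - 1).bit_length() - 1)  # largest power of two below n
    return sha(b"\x01" + mth(leaves[:k]) + mth(leaves[k:]))

def consistency_proof(m, leaves, complete=True):
    """Log side of get-sth-consistency (RFC 6962 section 2.1.2)."""
    n = len(leaves)
    if m == n:
        return [] if complete else [mth(leaves)]
    k = 1 << ((n - 1).bit_length() - 1)
    if m <= k:
        return consistency_proof(m, leaves[:k], complete) + [mth(leaves[k:])]
    return consistency_proof(m - k, leaves[k:], False) + [mth(leaves[:k])]

def consistent(size1, root1, size2, root2, proof):
    """Monitor side: does (size2, root2) extend (size1, root1)? Needs size1 >= 1."""
    if size1 == size2:
        return root1 == root2 and not proof
    if not 0 < size1 < size2 or not proof:
        return False
    if (size1 & (size1 - 1)) == 0:  # power of two: old root is the first node
        proof = [root1] + proof
    fn, sn = size1 - 1, size2 - 1
    while fn & 1:
        fn, sn = fn >> 1, sn >> 1
    fr = sr = proof[0]
    for c in proof[1:]:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:
            fr, sr = sha(b"\x01" + c + fr), sha(b"\x01" + c + sr)
            while fn and not fn & 1:
                fn, sn = fn >> 1, sn >> 1
        else:
            sr = sha(b"\x01" + sr + c)
        fn, sn = fn >> 1, sn >> 1
    return sn == 0 and fr == root1 and sr == root2

# Constructed sample data: two views of one log that differ at entry 5.
HONEST = [b"cert-%d" % i for i in range(7)]
FORKED = HONEST[:5] + [b"other-cert", HONEST[6]]
```

An STH of size 6 taken from the `HONEST` view and an STH of size 7 taken from the `FORKED` view cannot be linked by any proof the log is able to produce, which is the evidence of a split view that pooling STHs makes available.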