Ok, so the date on this paper is 2014, but wasn't this proposed at least 2 years ago? I recall it being proposed as a countermeasure to the Iranian Google cert incident.
Well, the project itself isn't new. But this article is (relatively) new, and since it was quite well written I thought it was worth submitting.
I'm not really knowledgable enough to assess the project's vitality but I found that the Github repo[1] is active, and the mailing list[2] is somewhat active as well. There is also a new RFC draft from 2014-07-10[3].
My conclusion is that since this project is backed by Google, it's currently the most viable attempt to improve on the suboptimal PKI infrastructure we have for TLS.
Ideally Firefox, Safari, Internet Explorer and Opera would add support as well. Firefox as least has an open feature request[4]. But these things take time, you know :)
cpach|11 years ago
I'm not really knowledgable enough to assess the project's vitality but I found that the Github repo[1] is active, and the mailing list[2] is somewhat active as well. There is also a new RFC draft from 2014-07-10[3].
My conclusion is that since this project is backed by Google, it's currently the most viable attempt to improve on the suboptimal PKI infrastructure we have for TLS.
Ideally Firefox, Safari, Internet Explorer and Opera would add support as well. Firefox as least has an open feature request[4]. But these things take time, you know :)
[1] https://github.com/google/certificate-transparency/commits/m...
[2] https://groups.google.com/forum/#!forum/certificate-transpar...
[3] https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-04
[4] https://bugzilla.mozilla.org/show_bug.cgi?id=944175