I'm super excited about Sunlight. The CT ecosystem is really fragile right now, with current log implemetations being expensive to operate and very difficult to operate correctly, as evidenced by the recent failures of multiple logs[1][2]. And if too many logs fall over, it becomes infeasible to include the requisite number of SCTs in certificates, or worse, already-issued certificates can become effectively untrusted.
With Sunlight reducing costs by a couple orders or magnitude and significantly easing deployment complexity, it will be a huge boon to the whole ecosystem. I really hope log monitors begin crawling sunlight logs and browsers accept them as trusted in the near future.
With Sunlight reducing costs by a couple orders or magnitude and significantly easing deployment complexity, it will be a huge boon to the whole ecosystem. I really hope log monitors begin crawling sunlight logs and browsers accept them as trusted in the near future.
[1]: https://groups.google.com/a/chromium.org/g/ct-policy/c/6mvSo...
[2]: https://groups.google.com/a/chromium.org/g/ct-policy/c/_dhkS...