There are good arguments for it, but it's also not a coincidence that they happen to align with Google's business objectives. Ex it's hard to issue a TLS cert without notifying Google of it.
There are good arguments for it, but it's also not a coincidence that they happen to align with Google's business objectives. Ex it's hard to issue a TLS cert without notifying Google of it.
I don't get your logic/reasoning here... could you explain?
There are public logs of every TLS cert issued by the major providers. This benefits Google.
Kinda like how Wikipedia benefits Google. Or public roads benefit Uber. Or clean water benefits restaurants
Certificate transparency logs are public. How does this benefit Google?
Google also knows about every domain name that gets renewed or registered... How does knowing a website has tls help in any meaningful way that would detract from society as a whole?
The certificate transparency log lets everyone know which domains are active as the certificates are getting renewed, likely more often than the domain itself, and also which sub-domains are active if those are not secured using a wild-card certificate.
Not just Google: AI bots could use the information to look for juicy new data to scrape and ingest.
Probably not a significant thing, the information can be derived in other ways too if someone wants to track these things, but it is a thing.
This doesn't feel like much of an argument in favor of not using https though.
Not at all IMO, unless you are really paranoid about Google & friends. I was just saying that what was being questioned does (or could) benefit them a tiny bit.