There was no good way to see what CT logs are actually used by CAs, so I made a dashboard of Censys data on exe.dev.
There are some interesting patterns, but the main one is that Let's Encrypt is the only CA that evenly spreads load. Other CAs are mostly using older logs, or their own logs and Google's.
(Of course, LE is 50% of issuance, and GTS is 25%, so the rest don't matter much.)
@filippo They may not matter much in volume, but lots of orgs are still tied to the OV/EV certs from legacy CAs.
We still need to pull from just about all the CT Logs to get a complete picture for our discovery tool.
Search the TLS certificate transparency logs to find public certificates issued.This can reveal new subdomains, certificate renewals, or suspicious activity.Great for security monitoring, domain research, and uncovering hidden infrastructure.
Filippo Valsorda
CertKit