1{
2 "type": "object",
3 "id": "https://www.gstatic.com/ct/log_list/v3/log_list_schema.json",
4 "$schema": "http://json-schema.org/draft-07/schema",
5 "required": [
6 "operators"
7 ],
8 "definitions": {
9 "state": {
10 "type": "object",
11 "properties": {
12 "timestamp": {
13 "description": "The time at which the log entered this state.",
14 "type": "string",
15 "format": "date-time",
16 "examples": [
17 "2018-01-01T00:00:00Z"
18 ]
19 }
20 },
21 "required": [
22 "timestamp"
23 ]
24 }
25 },
26 "properties": {
27 "version": {
28 "type": "string",
29 "title": "Version of this log list",
30 "description": "The version will change whenever a change is made to any part of this log list.",
31 "examples": [
32 "1",
33 "1.0.0",
34 "1.0.0b"
35 ]
36 },
37 "log_list_timestamp": {
38 "description": "The time at which this version of the log list was published.",
39 "type": "string",
40 "format": "date-time",
41 "examples": [
42 "2018-01-01T00:00:00Z"
43 ]
44 },
45 "operators": {
46 "title": "CT log operators",
47 "description": "People/organizations that run Certificate Transparency logs.",
48 "type": "array",
49 "items": {
50 "type": "object",
51 "required": [
52 "name",
53 "email",
54 "logs"
55 ],
56 "properties": {
57 "name": {
58 "title": "Name of this log operator",
59 "type": "string"
60 },
61 "email": {
62 "title": "CT log operator email addresses",
63 "description": "The log operator can be contacted using any of these email addresses.",
64 "type": "array",
65 "minItems": 1,
66 "uniqueItems": true,
67 "items": {
68 "type": "string",
69 "format": "email"
70 }
71 },
72 "logs": {
73 "description": "Details of Certificate Transparency logs run by this operator.",
74 "type": "array",
75 "items": {
76 "type": "object",
77 "required": [
78 "key",
79 "log_id",
80 "mmd",
81 "url"
82 ],
83 "properties": {
84 "description": {
85 "title": "Description of the CT log",
86 "description": "A human-readable description that can be used to identify this log.",
87 "type": "string"
88 },
89 "key": {
90 "title": "The public key of the CT log",
91 "description": "The log's public key as a DER-encoded ASN.1 SubjectPublicKeyInfo structure, then encoded as base64 (https://tools.ietf.org/html/rfc5280#section-4.1.2.7).",
92 "type": "string"
93 },
94 "log_id": {
95 "title": "The SHA-256 hash of the CT log's public key, base64-encoded",
96 "description": "This is the LogID found in SCTs issued by this log (https://tools.ietf.org/html/rfc6962#section-3.2).",
97 "type": "string",
98 "minLength": 44,
99 "maxLength": 44
100 },
101 "mmd": {
102 "title": "The Maximum Merge Delay, in seconds",
103 "description": "The CT log should not take longer than this to incorporate a certificate (https://tools.ietf.org/html/rfc6962#section-3).",
104 "type": "number",
105 "minimum": 1,
106 "default": 86400
107 },
108 "url": {
109 "title": "The base URL of the CT log's HTTP API",
110 "description": "The API endpoints are defined in https://tools.ietf.org/html/rfc6962#section-4.",
111 "type": "string",
112 "format": "uri",
113 "examples": [
114 "https://ct.googleapis.com/pilot/"
115 ]
116 },
117 "dns": {
118 "title": "The domain name of the CT log's DNS API",
119 "description": "The API endpoints are defined in https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft-ct-over-dns.md.",
120 "type": "string",
121 "format": "hostname",
122 "examples": [
123 "pilot.ct.googleapis.com"
124 ]
125 },
126 "temporal_interval": {
127 "description": "The log will only accept certificates that expire (have a NotAfter date) between these dates.",
128 "type": "object",
129 "required": [
130 "start_inclusive",
131 "end_exclusive"
132 ],
133 "properties": {
134 "start_inclusive": {
135 "description": "All certificates must expire on this date or later.",
136 "type": "string",
137 "format": "date-time",
138 "examples": [
139 "2018-01-01T00:00:00Z"
140 ]
141 },
142 "end_exclusive": {
143 "description": "All certificates must expire before this date.",
144 "type": "string",
145 "format": "date-time",
146 "examples": [
147 "2019-01-01T00:00:00Z"
148 ]
149 }
150 }
151 },
152 "log_type": {
153 "description": "The purpose of this log, e.g. test.",
154 "type": "string",
155 "enum": [
156 "prod",
157 "test"
158 ]
159 },
160 "state": {
161 "title": "The state of the log from the log list distributor's perspective.",
162 "type": "object",
163 "properties": {
164 "pending": {
165 "$ref": "#/definitions/state"
166 },
167 "qualified": {
168 "$ref": "#/definitions/state"
169 },
170 "usable": {
171 "$ref": "#/definitions/state"
172 },
173 "readonly": {
174 "allOf": [
175 {
176 "$ref": "#/definitions/state"
177 },
178 {
179 "required": [
180 "final_tree_head"
181 ],
182 "properties": {
183 "final_tree_head": {
184 "description": "The tree head (tree size and root hash) at which the log was made read-only.",
185 "type": "object",
186 "required": [
187 "tree_size",
188 "sha256_root_hash"
189 ],
190 "properties": {
191 "tree_size": {
192 "type": "number",
193 "minimum": 0
194 },
195 "sha256_root_hash": {
196 "type": "string",
197 "minLength": 44,
198 "maxLength": 44
199 }
200 }
201 }
202 }
203 }
204 ]
205 },
206 "retired": {
207 "$ref": "#/definitions/state"
208 },
209 "rejected": {
210 "$ref": "#/definitions/state"
211 }
212 },
213 "oneOf": [
214 {
215 "required": [
216 "pending"
217 ]
218 },
219 {
220 "required": [
221 "qualified"
222 ]
223 },
224 {
225 "required": [
226 "usable"
227 ]
228 },
229 {
230 "required": [
231 "readonly"
232 ]
233 },
234 {
235 "required": [
236 "retired"
237 ]
238 },
239 {
240 "required": [
241 "rejected"
242 ]
243 }
244 ]
245 },
246 "previous_operators": {
247 "title": "Previous operators that ran this log in the past, if any.",
248 "description": "If the log has changed operators, this will contain a list of the previous operators, along with the timestamp when they stopped operating the log.",
249 "type": "array",
250 "uniqueItems": true,
251 "items": {
252 "type": "object",
253 "required": [
254 "name",
255 "end_time"
256 ],
257 "properties": {
258 "name": {
259 "title": "Name of the log operator",
260 "type": "string"
261 },
262 "end_time": {
263 "description": "The time at which this operator stopped operating this log.",
264 "type": "string",
265 "format": "date-time",
266 "examples": [
267 "2018-01-01T00:00:00Z"
268 ]
269 }
270 }
271 }
272 }
273 }
274 }
275 }
276 }
277 }
278 }
279 }
280}
View as plain text