How can they efficiently do that? Will they send a request to Google/Mozilla/Firefox and asks if cert ABC logged?
I see two issues with that:
1) the browser vendors know each site and subdomain I visit. This seems to be a privacy issue.
2) every new visits adds a lot of latency because they need to check the certificate every time I request a site (now it becomes: dns, ssl handshake, cert check, http transfer).
3) when the cert check server is down, what is supposed to happen? Fail every ssl request? This adds a new point of failure. Just allow it? An attacked could black-hole the dns or block the IP address.
Even better is embedding the SCTs in the x509 structure itself so that you don't have to rely on obtaining/caching and the sending in the handshake. (Yes, there's some cases where a policy change my require the addition of additional SCTs—or different ones altogether—but this should be the exception not the norm.)
I see two issues with that:
1) the browser vendors know each site and subdomain I visit. This seems to be a privacy issue.
2) every new visits adds a lot of latency because they need to check the certificate every time I request a site (now it becomes: dns, ssl handshake, cert check, http transfer).
3) when the cert check server is down, what is supposed to happen? Fail every ssl request? This adds a new point of failure. Just allow it? An attacked could black-hole the dns or block the IP address.