A Google project for certificate transparency: Issued certificates are written to publicly verifiable and tamperproof log servers to promptly identify and block abusive or misleading TLS/SSL certificates. The necessary CT log servers will be contacted during the certificate issuing process. In turn the CT log servers deliver a signed time stamp (SCT) in its reply, which are then stored in the certificate to verify that the certificate has been registered on a log server.

The CT extension can be deselected by customer request. The missing CT extension reduces the functionality of the certificate in some browsers.