About the ZT Browser UI displaying the "Certificate Transparency" icon

Whether a website is secure or not, there are at least three basic elements, one is https encryption, the other is WAF protection, and the third is trusted identity validation, all three are indispensable. That's why the ZT Browser innovatively displays three security-related icons:     , not only has the security padlock, but also have the cloud WAF protection icon and the website trusted identity validation level icon. We also innovatively added a cryptography protection compliance icon: especially for the website that adopts the SM2 algorithm to realize https encryption, which conspicuously proves that this website is "cryptography protection compliance". And added a certificate transparency icon in the details of the padlock: to tell users whether the SSL certificate deployed on this website already has a certificate transparency protection and trustworthy, including international certificate transparency and SM2 certificate transparency. Please refer to the innovation UI Icon Summary of ZT Browser for details.

One of the main features of ZT Browser is to fully support the SM2 algorithm and the SM2 SSL certificate. This is one of the Cryptography Law compliant innovative technologies for website security. HTTPS encryption, realizing information transmission from browser to server is encrypted, preventing confidential information from leaking in the transmission process, effectively eliminating various illegal stealing and illegal tampering. This is the baseline of the website security. In order to ensure the security and trust of the SSL certificate itself, the certificate transparency mechanism has played a key role, and it has successfully guaranteed more than 10 billion RSA/ECC algorithm SSL certificates.

To ensure the security and trust of SM2 SSL certificates used for SM2 HTTPS encryption, ZoTrus Technology has achieved the SM2 Certificate Transparency mechanism firstly in the world, which can effectively prevent the wrong issuance and malicious issuance of SM2 SSL certificate for vicious assault. ZT Browser has exclusively realized the supporting of SM2 Certificate Transparency mechanism (supports the SM2 SSL certificate and the use SM2 algorithm to sign the certificate transparency timestamp), and it supports real-time verification of the SCT data, thereby effectively ensuring the SSL certificate itself is secure and trust. Please also refer to ZT Browser Trusted SM2 Certificate Transparency Log System List and ZT Browser Trusted international Certificate Transparency Log System List.

The following left figure shows the certificate transparency information display of the SM2 algorithm SSL certificate. Under "Certificate is valid", it displays "Certificate Transparency (SM2, 3)", and the first information in the brackets shows that the cryptography algorithm used by the certificate transparency log system is SM2, followed by "3" indicates that this SSL certificate contains 3 SCT data. And it displays the certificate transparency log server list, first display the name of the CT log service provider, and then display the name of the log server. The figure on the right below shows the certificate transparency information display of the RSA/ECC algorithm SSL certificate. The cryptography algorithm used by the certificate transparency log system is ECC, followed by "3" indicates that this SSL certificate contains 3 SCT data. Of course, the name of the certificate transparency log provider and log server is also displayed, which is the first in the world, allowing users to know who provides certificate transparency services for this SSL certificate.

if the SM2 SSL certificate does not embed the certificate transparency log data of the ZT Browser trust, it will display "Certificate NOT Transparency". It is only a temporary transition plan for SM2 SSL certificate that does not embed SCT data. ZT Browser is planned to use the same policy as the current Google Chrome after Jan. 1, 2025, that is, “Not secure” warning will be displayed in the address bar if no ZT Browser trusted SM2 SCT data in the SM2 SSL certificate, and no longer displays the cryptography protection compliance icon. All ZT Browser trusted SM2 root CA operators must update the CA system in time to issue SM2 SSL certificate embedded SCT data before the deadline, this not only avoid the “Not secure” warning, but also can increase the security level of SM2 SSL certificate itself and enhances the core competitiveness of the issued SM2 SSL certificate.