Scott isn't trying to mislead us here, but one sentence from the article seems like it needs expanding certainly for a lay audience like HN.
"One thing that we can do with CT logs is search all certificates for things that we're interested in"
The CT logs themselves implement only a terribly simple API and you can't search them per se. This makes good sense because they are required to hit really onerous availability and performance targets to remain "qualified" as logs. You definitely wouldn't want to put a sophisticated "search" feature in this code.
However, since they're public we can either read all the data (my employer does this) and process it however we like or there are two famous services which already did this for you, crt.sh (operated by Sectigo, one of the CAs) and Censys (from an ex-University of Michigan team). Scott used Censys for this article, and either Censys or crt.sh are good places to play around with this if you have a passing interest that may not last.
"One thing that we can do with CT logs is search all certificates for things that we're interested in"
The CT logs themselves implement only a terribly simple API and you can't search them per se. This makes good sense because they are required to hit really onerous availability and performance targets to remain "qualified" as logs. You definitely wouldn't want to put a sophisticated "search" feature in this code.
However, since they're public we can either read all the data (my employer does this) and process it however we like or there are two famous services which already did this for you, crt.sh (operated by Sectigo, one of the CAs) and Censys (from an ex-University of Michigan team). Scott used Censys for this article, and either Censys or crt.sh are good places to play around with this if you have a passing interest that may not last.