IETF Logo Mail Archive

Re: [Trans] Tracking implementations

Tim Wicinski <tjw.ietf@gmail.com> Wed, 03 June 2015 17:40 UTC

Return-Path: <tjw.ietf@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 648E61A87EA for <trans@ietfa.amsl.com>; Wed, 3 Jun 2015 10:40:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T1W5SV11lnQ6 for <trans@ietfa.amsl.com>; Wed, 3 Jun 2015 10:40:34 -0700 (PDT)
Received: from mail-qc0-x22e.google.com (mail-qc0-x22e.google.com [IPv6:2607:f8b0:400d:c01::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 410BF1A9171 for <trans@ietf.org>; Wed, 3 Jun 2015 10:40:34 -0700 (PDT)
Received: by qcej9 with SMTP id j9so7292030qce.1 for <trans@ietf.org>; Wed, 03 Jun 2015 10:40:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=TQVgPqPHsRqo8dKx/HDb58YffSZOiTC+efKVYm8b+nQ=; b=i9YRsT/wv6uWHa2zRNxLbbNdlmRwaCUO08FGDnLo2CkL4gE6zhCORe/CmpoFquySDk nMvKTdyAJGDd2grafhKzK0pjWRU/cdyNbdjYtYcg8z+mecxpTWoEofPjCLrx4zT46MKa ZSv2sId8AXuMDCVuBtPXX3Y6Lal7fj6JmjXg7dMlnHwjODLyI5FgUktHoYuaAJ3Y3rGq 7mYOpTm1awEQx77TK5/sHqPrHHp3mz7CMnspJPPiaHQ0kD7IF0eh2J2Ifx7ZtoPT6Jnm kUaHLkhmSIQDetAhaswSQ97X8DDN1JkoYpa3etn0Qbb6AqPGu0EAzwdFYCzkuXIlTcoW ipNw==
X-Received: by 10.140.21.134 with SMTP id 6mr37056654qgl.47.1433353233532; Wed, 03 Jun 2015 10:40:33 -0700 (PDT)
Received: from twicinski-ltm.internal.salesforce.com ([204.14.239.17]) by mx.google.com with ESMTPSA id j60sm754394qge.38.2015.06.03.10.40.32 for <trans@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 03 Jun 2015 10:40:32 -0700 (PDT)
Message-ID: <556F3C0F.9020607@gmail.com>
Date: Wed, 03 Jun 2015 10:40:31 -0700
From: Tim Wicinski <tjw.ietf@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: trans@ietf.org
References: <53D9600C.6040805@gmail.com> <556F0EB1.1060400@comodo.com>
In-Reply-To: <556F0EB1.1060400@comodo.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/Rf0VlD5XXdftk6urw_1cyH3EDac>
Subject: Re: [Trans] Tracking implementations
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 17:40:43 -0000


Thanks Rob.  The security folks at my employer already found a domain 
that was set up by some marketing folks that has a less than optimal 
cert, and the domain appears to be in someone's personal account, and 
they are no longer with the company.  Of course the domain is active.

sigh

tim


On 6/3/15 7:26 AM, Rob Stradling wrote:
> https://crt.sh
>
> Pronounced "search".  :-)
>
> It's a web interface that lets you search for certs that have been
> logged by the publicly known RFC6962 logs.
>
> Right now it's half a Monitor.  It fetches all new entries soon after
> they're added to the logs, but it doesn't (yet) verify STH signatures.
>
> No current plans to release source code.
>
> Feel free to mention this on the wiki page.
>
> On 30/07/14 22:13, Melinda Shore wrote:
>> During the session last week I was a bit surprised by the number of
>> people saying that they were doing implementations, and I think it
>> might be useful to get a better handle on that.  If nothing else, it
>> helps quite a bit during the publication process if it's known
>> that there are interoperable implementations and that we know a little
>> bit about them.
>>
>> So, I'd be grateful if people who've are working on implementations
>> and who can discuss them publicly could speak up, let us know the
>> status and whether or not you'll be releasing source, and provide a
>> pointer to a repo or other documentation if you're able.  Also let
>> me know whether or not you'd be willing to have your implementation
>> mentioned on a wiki page listing implementations.
>>
>> Thanks again,
>>
>> Melinda
>

v2.23.0 | Report a Bug | By Email