Hi, > Oh, now it makes sense, those are mostly router certs (and various other certs > from vendors who create broken certs like the Plesk ones). You won't just > find them in Korea, they're everywhere, in vast numbers, but (at least for the > router certs) they're usually only visible from the LAN interface.
I just had a look in our monitoring data - i.e. data of real SSL connections that users make. Those cannot be router certs. I find CA:TRUE in 0.8% of certificates (of 200k connections) in Sep 2010; and in 1.15% in Apr 2011 (of 950k connections). Here are some noteworthy issuers and counted occurrences: CN=localhost.localdomain/[email protected], 585 (ok, boring) CN=undermine.corp/[email protected], 480 (more interesting) CN=confixx/[email protected], 206 (ok) CN=Administration Server, ST=Moscow, L=RU, C=RU/[email protected], O=Kaspersky Lab, 114 (oh) C=DE, ST=Bayern, L=Vilshofen, O=Internet Widgits Pty Ltd, CN=quetzalcoatl.dyndns.org/[email protected], 105 (hmmmm) And, to my dismay :-), my own university seems to be messing up: C=DE, ST=Bavaria, L=Munich, O=Technische Universitaet Muenchen, OU=LSR Institute of Automatic Control Engineering, CN=*.lsr.ei.tum.de, 62 C=DE, ST=Bavaria, L=Freising, O=Wissenschaftszentrum Weihenstephan TUM, OU=InformationsTechnologie Weihenstephan, CN=phoenix.wzw.tum.de/[email protected], 54 Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
