We are happy to announce the ICSI Certificate Notary today. This service
provides near real-time reputation information on a large number of
TLS/SSL certificates seen in the wild, collected continuously from a set
of partner network sites. The notary's data includes the time when a
certificate was first and last seen, and whether we can establish a
valid chain to a root certificate from the Mozilla root store. Over the
course of this year, we built a certificate database that now comprises
roughly half a million unique web certificates from over 7.6 billion
connections, representing the activity of estimated 220,000 users.
You can use the service by sending a DNS request for an A or TXT record
to:
<sha1>.notary.icsi.berkeley.edu
The token <sha1> represents the SHA1 digest of the certificate to query, which
you may find when consulting your browser for details about a certificate. For
further details, usage instructions, and background reading, please visit the
notary website at:
http://notary.icsi.berkeley.edu
We much appreciate your feedback at this early stage, both positive
works-for-me notices as well as problems and suggestions for
improvements.
Matthias
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
