On Thu, May 2, 2019 at 6:57 PM Daniel Marschall via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> Hello, > > I have two improvement suggestions for the page crt.sh. > > I often stumble across extentions or other kind of OIDs which are not > known/named by the system. For example the extention 1.3.6.1.5.5.7.1.24 > > (1) It would be great if all OIDs could automatically get a hyperlink > pointing to oid-info.com , e.g. oid-info.com/get/1.3.6.1.5.5.7.1.24 , so > you can quickly get information about an OID by clicking on it. > > (2) About the OID 1.3.6.1.5.5.7.1.24 in particular: Since I think this > extention becomes more and more popular as OCSP MustStaple evolves, maybe > it would be good to decode it, showing the TLS features in plaintext. For > example, to see the list of features for a certificate, I need to > copy paste the hex dump (e.g. "30 03 02 01 05") into an ASN.1 decoder, > e.g. https://lapo.it/asn1js/ , to get the list of extention IDs. (e.g. 5) > Then I need to lookup these extention IDs at the IANA registry > https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml > (e.g. 5 = status_request). > > What do you think? > > Take care, > Daniel Hi Daniel, These mag be reasonable changes, but Mozilla doesn’t develop crt.sh. It has its own bug tracker and mailing list, which you can find more information about on GitHub - https://github.com/crtsh - and https://crt.sh/forum - both of which are linked to from crt.sh Hope this helps! > > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
