Thanks Kathleen for adding the field to the report. I'm trying to process this field, and so far the only well-formed JSON I've found is the empty array (i.e. "[]"). Numerous CAs have failed to put double quotes around the URLs, e.g.:
[http://example.com/crl1, http://example.com/crl2] Another mistake is just making it a comma-separated list, without any JSON syntax, e.g.: http://example.com/crl1, http://example.com/crl2 CAs should make sure that they put well-formed JSON in this field, e.g.: ["http://example.com/crl1";, "http://example.com/crl2";] Also, if there is some way to have Salesforce enforce that well-formed JSON is provided, that would sure be helpful. Regards, Andrew On Fri, 23 Sep 2022 09:54:24 +0000 "'Rob Stradling' via [email protected]" <[email protected]> wrote: > Hi all. Kathleen dealt with my request off-list. The "JSON Array of > Partitioned CRLs" field has now been appended to > https://ccadb-public.secure.force.com/ccadb/AllCertificateRecordsCSVFormat. > > ________________________________ > From: 'Rob Stradling' via [email protected] > <[email protected]> Sent: 21 September 2022 16:52 > To: [email protected] <[email protected]> > Subject: Add another field to AllCertificateRecordsCSVFormat > > > CAUTION: This email originated from outside of the organization. Do > not click links or open attachments unless you recognize the sender > and know the content is safe. > > > Kathleen, Ben, > > I would like to enhance > https://crt.sh/mozilla-disclosures<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcrt.sh%2Fmozilla-disclosures&data=05%7C01%7Crob%40sectigo.com%7C844a95351942442323f708da9be93b2b%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637993723270265361%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=yCQJSenYyJ3o2U%2FCae1vQ1GPo6EqKJHq0Mn%2F8wd4eDQ%3D&reserved=0> > to monitor compliance to Mozilla's new CRL URL disclosure requirement > that comes into force in about a week and a half from now > (https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#41-additional-requirements<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.mozilla.org%2Fen-US%2Fabout%2Fgovernance%2Fpolicies%2Fsecurity-group%2Fcerts%2Fpolicy%2F%2341-additional-requirements&data=05%7C01%7Crob%40sectigo.com%7C844a95351942442323f708da9be93b2b%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637993723270265361%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mIi0cZUf9sp4Myr8c%2BUKw8c7nLEv1HiUHpNzl3Q7ycw%3D&reserved=0>). > crt.sh already has access to the "Full CRL Issued By This CA" field, > but cannot yet access the "JSON Array of Partitioned CRLs" field. > > Please could I ask you to append the "JSON Array of Partitioned CRLs" > field to > https://ccadb-public.secure.force.com/ccadb/AllCertificateRecordsCSVFormat<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fccadb-public.secure.force.com%2Fccadb%2FAllCertificateRecordsCSVFormat&data=05%7C01%7Crob%40sectigo.com%7C844a95351942442323f708da9be93b2b%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637993723270265361%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5l0bsEYP1qTo%2FQJi5WEpT5ftEh%2BzQFf1uAPnA1rBMUw%3D&reserved=0>? > > > -- > Rob Stradling > Senior Research & Development Scientist > Sectigo Limited > > > -- > You received this message because you are subscribed to the Google > Groups "[email protected]" group. To unsubscribe from > this group and stop receiving emails from it, send an email to > [email protected]<mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB47293DF31FB62C442C97503FAA4F9%40MW4PR17MB4729.namprd17.prod.outlook.com<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fa%2Fmozilla.org%2Fd%2Fmsgid%2Fdev-security-policy%2FMW4PR17MB47293DF31FB62C442C97503FAA4F9%2540MW4PR17MB4729.namprd17.prod.outlook.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Crob%40sectigo.com%7C844a95351942442323f708da9be93b2b%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637993723270265361%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=NBh1BGZD920%2F6EJDKFM5sCf4aOM4Kt5SzJfz2BINwjw%3D&reserved=0>. > > -- > You received this message because you are subscribed to the Google > Groups "[email protected]" group. To unsubscribe from > this group and stop receiving emails from it, send an email to > [email protected]. To view this discussion > on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB4729A09C3DCF46B5BD3592DDAA519%40MW4PR17MB4729.namprd17.prod.outlook.com. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20220926132149.bfe9ee9aebd63a8b91a811ac%40andrewayer.name.
