On 17/06/18 21:09, Daniel Cater via dev-security-policy wrote:
On Monday, 14 May 2018 15:25:43 UTC+1, Rob Stradling
I'm currently running the check against all of the certs on the crt.sh
DB. I'll report back once this has completed.
Hi Rob,
Did your checks find anything else in the end?
Hi Daniel. Thanks for the reminder. :-)
I found a total of 1,589 certs on the crt.sh DB with Debian weak keys,
and I did intend to publish a report. I figured that creating a new
batch on misissued.com would be the best way to present the data, but
that gives me an HTTP 500 response whenever I try to submit the list of
crt.sh IDs.
Until misissued.com lets me submit the list, you can find the list of
affected certs in a table on the crt.sh DB called "has_debian_weak_key".
--
Rob Stradling
Senior Research & Development Scientist
Email: [email protected]
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
