Hi folks,
I just posted a blog entry here about a side project I've had running
for a little while:
http://blog.johnath.com/2009/01/21/ssl-information-wants-to-be-free/
The very short version is that I crawled the top 1M sites (according
to Alexa) to harvest some basic SSL information, including the end-
entity certs, and dumped it all into an SQLite database. I throw out
a couple of potential analysis topics in the blog post, but my hope is
that this is a group that can suggest other interesting questions that
a DB of ~380,000 certs (approximately 215,000 of which are valid, CA-
signed) can answer. The DB and the (albeit terrible) crawler code is
publicly available, of course, and linked to from the post. If
nothing else, perhaps those certs would make an interesting NSS unit
test. :)
Is this useful for people? My sense is that we've been lacking this
information (except from paid sources) for some time, but I'd like to
hear whether anyone in this group finds it helpful to have.
Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
john...@mozilla.com
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
