Point is, there are easier ways to see if it is the same operator, eg
rwhois, PTR naming, etc.. checking the certs seems redundant. And since
the wildcard applies to a whole domain.. the domain would have the
reputation..
Now, maybe a SAN cert light reveal interesting data..
There ARE things that are revealing in a TLS handshake, but that is a
different story..
On 2020-11-13 7:00 a.m., Ralf Hildebrandt via mailop wrote:
* Michael Peddemors via mailop <[email protected]>:
Never heard of anyone doing that... It really wouldn't make sense
Hm, why not? After all, if somebody controls the certificates (issued
by domain verification, one would guess), they also control the
domains. All domains under the same control...
Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netzwerk
Campus Benjamin Franklin (CBF)
Haus I | 1. OG | Raum 105
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155
[email protected]
https://www.charite.de
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
