[tor-dev] xxx-draft-spec-for-TLS-normalization.txt
Adam Langley
agl at imperialviolet.org
Mon Feb 21 18:54:39 UTC 2011
On Mon, Feb 21, 2011 at 1:36 PM, Nick Mathewson <nickm at freehaven.net> wrote:
> Aha. Let's see if I have the tor-dev address right at long long last.
> Apologies to Peter, who will have received more than one copy of this
> already.
I did a quick scan of a subset of the EFF Observatory data (where
`subset' is defined as: I hit Ctrl-C after letting tar run for a
while).
Selecting only self-signed certs and sorting by Organization, here are
the counts:
<snip>
691 Internet Widgits Pty Ltd
757 NetKlass Techonoloy Inc
825 Apache Friends
882 HTTPS Management Certificate for SonicWALL (self-signed)
952 Cisco-Linksys, LLC
1141 DrayTek Corp.
1933 Xtera Communications, Taiwan
6803 SomeOrganization
10253 Hewlett-Packard Co.
11811 Fortinet Ltd.
(from 52341 total self-signed certs)
"Internet Widgits Pty Ltd" is the OpenSSL default. "Hewlett-Packard
Co." are JetDirect printers. "Fortinet Ltd." is some gateway
manufacturer.
Tor doesn't have to pick a single type I believe. It could pick
between some number of templates at first-run (although Forinet tend
to be 2048-bit and HP are 1024-bit). Here are examples of the HP and
Fortinet certs:
Fortinet:
-----BEGIN CERTIFICATE-----
MIIC4jCCAcqgAwIBAgIEllaMYTANBgkqhkiG9w0BAQUFADAzMRkwFwYDVQQDExBG
RzEwMEMzRzA5NjAwMzM3MRYwFAYDVQQKEw1Gb3J0aW5ldCBMdGQuMB4XDTA5MDEy
MTIyNTYwM1oXDTE5MDEyMjIyNTYwM1owMzEZMBcGA1UEAxMQRkcxMDBDM0cwOTYw
MDMzNzEWMBQGA1UEChMNRm9ydGluZXQgTHRkLjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4qbL3qGi71AZBUB1mTkhFO03qP7Z7b7dXrT1fhw8QXknlA
UtAGWBs5ZPWB39OKpyJoRK4+HG8D4fJ0kuwiTnpP/3WBe+manK5S13wCKgME05aV
q5gRgWw/R5/1xyXF9a9YvuR3fJZvODtlR9MKjAa44YGHZguaPEucBKw8BtA7wCYc
d8rVh8hNBH67QVSLLCm48lytrnmccjshNxo5eI8x3ESxc0Am7+8vrNkNsttsUMG+
D8knI0rJqf9JCaogtfv1lKzYF0I1EOpTsT+lwyS9g5yPAZ2qGGFeLt3C9aoGiXUS
iX7tn3krpVn5/eM7gpG0VpY/4AnlUyvPevHRuqcCAwEAATANBgkqhkiG9w0BAQUF
AAOCAQEAGT6/jxUOEWJ1YCliKZtdhY9K1/uz8da9FYrlmhFdPPIwnUh8sgtC4bSP
bifq1hQIDPXTcJ6PirYc85EhaH/JiI5inAIUUQTJk8Cu13j+/DtxiiprOVa4iu73
VY2x0qFaxGfK0wOOFnbvqodibUmSKoCxKnowwqcPC8ZpSAojtLibGv1OcIHzoWSA
WrmMGFxyilPb4nsuvFDcgjK6OlccI+sy0vLTzkOrRXq+hyCu05NCai99mnD1tWwG
TBKXqKYTpQI+kuZ5HyUfzzOV47DyZ71BI3zqCxN0DEMWW4Mu/lw97rNY7iiiuZcC
Qp5iGquemw/lF1FaAKRQEXS351SS8w==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIC4jCCAcqgAwIBAgIEaAxnSjANBgkqhkiG9w0BAQUFADAzMRkwFwYDVQQDExBG
RzMwMEIzOTA5NjAzMDA1MRYwFAYDVQQKEw1Gb3J0aW5ldCBMdGQuMB4XDTEwMDMy
NDIxMzYyNFoXDTIwMDMyNDIxMzYyNFowMzEZMBcGA1UEAxMQRkczMDBCMzkwOTYw
MzAwNTEWMBQGA1UEChMNRm9ydGluZXQgTHRkLjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRnRUhLqL6DVQCcyao97X+l+7ntSaoU41ngK3tEIWgmlIdV
rQ7kDyxkH0xPt7C/D6FEEfV3PNGs0QBgVa9Hp5jLKtJBKCgYvlFzaR0/tQcw+g+s
j5yl6EoXDVtNdcR/Nfe4GaXSf9NKMMTskeHC71STak1l5wdB40Wjxm+YYR9/aQjB
mypm7nzq+G+keOOmsOvJFlhFpvHaTwymdqyodeXrSS+t1Day07RfgLhPzvVXdm74
87XF+349foaxfVHdHVvsnM9JmJqwIoZFFvIp3Eo5K5xJllCL+x6yUJp8WdASflq7
qUnu1EQpw7J3Q65fzshr6pp3W5Ii7Vu6ScwOmvECAwEAATANBgkqhkiG9w0BAQUF
AAOCAQEAk5tgoqJ0uUCdqn6bvzB/qClkCk+uWLg+SSJnPEAsM4WMfmmcdnuGSObl
co4bcPSCNCsT2DYP69lMAuK3BfgFv45tfklOuFDzxvN3zr2S6NE+SG1jgpdQleov
J5UQB8qJx0neKlXZBSlTDk/xbWhs9gUaY+DT+tS0aEmTvLha8/da/BzDMIlC1FCc
igZu0oQ2nUnZrfKHvt+XimJW/5jJFXRgUN1KYPtJTRGrPm8pqb87aJvnPeEYPmt8
Wmo1pkLY8NPtn7uS8GN/8REQ2Wu0mc22mqGbifHBJgvwRNagPFId8E6D6bhsz7b+
2YSmWPbgbCO0sll9OK3XAInkn7D0cw==
-----END CERTIFICATE-----
HP:
-----BEGIN CERTIFICATE-----
MIICYzCCAcygAwIBAgIBAjANBgkqhkiG9w0BAQQFADBmMR4wHAYDVQQDExVIUCBK
ZXRkaXJlY3QgMEFFQ0MwNjcxHDAaBgNVBAoTE0hld2xldHQtUGFja2FyZCBDby4x
FTATBgNVBAsTDDAwMTEwQUVDQzA2NzEPMA0GA1UECxMGSjc5MzRHMB4XDTA2MDQw
MTAwMDAwMFoXDTExMDQwMTAwMDAwMFowZjEeMBwGA1UEAxMVSFAgSmV0ZGlyZWN0
IDBBRUNDMDY3MRwwGgYDVQQKExNIZXdsZXR0LVBhY2thcmQgQ28uMRUwEwYDVQQL
EwwwMDExMEFFQ0MwNjcxDzANBgNVBAsTBko3OTM0RzCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAvEP7Lbw4+vQTXzNFZYlJhwuSXDLir8UapfVFXYWhrqNQw4kO
VUFhI5DIhY5AFIQA3oXKqMmIzUQALugkYhCd9Wt+CGrR0uocx0Ea++5K9mnsvJPQ
JFzketi/Ow8pEA5X18VhlIflwQ/GhezG/a9IA/DjeLs0lIUy9iaoR6hsZ7MCAwEA
AaMhMB8wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEB
BAUAA4GBAANeDCx2M7ToEIf/Pt/EKFtZ+9nLb7byaqXzOv35hFum9ZqhWtBwa/yD
+YQU33nakbM0UXsTQ8S3r8ojMNbmQMZMqqXg7M4Vh8bCPem9rWm33oKvBxYeQk9A
ZTbWY3M+9TDV1OYim2BCKr6XkTjV8S65vNtpW+r5+znYcCnPCwlt
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICYzCCAcygAwIBAgIBAjANBgkqhkiG9w0BAQQFADBmMR4wHAYDVQQDExVIUCBK
ZXRkaXJlY3QgMzg4RUMyOTgxHDAaBgNVBAoTE0hld2xldHQtUGFja2FyZCBDby4x
FTATBgNVBAsTDDAwMTQzODhFQzI5ODEPMA0GA1UECxMGSjc5NDlFMB4XDTA1MTEw
MTAwMDAwMFoXDTEwMTEwMTAwMDAwMFowZjEeMBwGA1UEAxMVSFAgSmV0ZGlyZWN0
IDM4OEVDMjk4MRwwGgYDVQQKExNIZXdsZXR0LVBhY2thcmQgQ28uMRUwEwYDVQQL
EwwwMDE0Mzg4RUMyOTgxDzANBgNVBAsTBko3OTQ5RTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAxwIexEqFIClHQTjSELGOg5K5BvKVGbTYx8SHKL1TE5Wp9OSi
geca3Nac4lURC+WEMZUIn8mo+EZ20w/NgsTx6igTSrK8kPQ9sjboKh3sCTHQORbw
2Tv8sNnrOp92IWRVeZl3p+zJ+c1XvKXFPPyL59d6o+SWPkb/2RP9X5SUOwkCAwEA
AaMhMB8wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEB
BAUAA4GBAGoaU8ZXqzke+qfb3yYpfY68V0wVTeqiJApLRnQZ/YBfdvpapqr5mfus
AoWTWDsqL0yQPAUaD7KngYhIO2FPNWV9Wy8gC8TtX6Zkr3s/4OiBXMBdwxVZ/Rab
J2JGtyI2s0zILEXcwtQq1fM86Z4RCAOpz2EuIBbzmxcdLfsqGW0I
-----END CERTIFICATE-----
--
Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
_______________________________________________
tor-dev mailing list
tor-dev at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
More information about the tor-dev
mailing list