Roland Bracewell Shoemaker rolandshoemaker
🏴
rolandshoemaker
/ bad-uas.txt
Created
March 25, 2016 20:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ua # affected total % | |
| -- ---------- ----- - | |
| LetsEncryptPythonClient/0.2.0 (CentOS Linux 7.2.1511) Authenticator/webroot Installer/none 2645 2645 100.00 | |
| simp_le/0 44 944 4.66 | |
| Faraday v0.9.2 39 210 18.57 | |
| python-requests/2.8.1 38 40 95.00 | |
| LetsEncryptPythonClient/0.2.0 (CentOS 6.5) Authenticator/manual Installer/none |
rolandshoemaker
/ 20160213_dnsrecords_all-caa
Created
February 22, 2016 01:36
All CAA records from the 20160213_dnsrecords_all scan (https://scans.io/study/sonar.fdns)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0day.net,caa,0,issue,"digicert.com" | |
| 0x4a42.net,caa,0,iodef,"mailto:[email protected]" | |
| 0x4a42.net,caa,128,issue,"letsencrypt.org" | |
| akademiaf2p.com,caa,0,iodef,"mailto:[email protected]" | |
| akademiaf2p.com,caa,128,issue,"startssl.com" | |
| akademiaf2p.com,caa,128,issuewild,"startssl.com" | |
| akademiaf2p.pl,caa,0,iodef,"mailto:[email protected]" | |
| akademiaf2p.pl,caa,128,issue,"startssl.com" | |
| akademiaf2p.pl,caa,128,issuewild,"startssl.com" | |
| arrakis.tv,caa,2,auth,"0>09\006\010+\006\001\004\001\214y\002\003\001\006 `\134H\001e\003\004\002\001\004 \183\0223\134te\156;\171z\196\164DL\246J_.\229\176\229.\231f\148\030\2253\222/\177\229\002\001\000" |
rolandshoemaker
/ ecosystem.gdf
Last active
December 29, 2015 16:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nodedef>name VARCHAR,label VARCHAR,leavesIssuedBelow DOUBLE | |
| 0,CN=GeoTrust Primary Certification Authority; O=[GeoTrust Inc.]; C=[US],21241.0 | |
| 1,CN=HBC-Global CA - G 01; O=[Hochschule Biberach]; OU=[Rechenzentrum]; L=[Biberach]; ST=[Baden-Wuerttemberg]; C=[DE],9.0 | |
| 2,CN=RWTH Aachen CA; O=[RWTH Aachen]; C=[DE],461.0 | |
| 3,CN=ACA - Trusted Certificates - 2014; O=[Consejo General de la Abogacia]; OU=[Autoridad de Certificacion de la Abogacia]; C=[ES],29.0 | |
| 4,CN=AOL Time Warner Root Certification Authority 1; O=[AOL Time Warner Inc.]; OU=[America Online Inc.]; C=[US],10.0 | |
| 5,CN=Gandi Pro SSL CA; O=[GANDI SAS]; C=[FR],224.0 | |
| 6,CN=IPS CA CLASE1 Certification Authority; O=[IPS Internet publishing Services s.l. -- [email protected] C.I.F. B-60929452]; OU=[IPS CA CLASE1 Certification Authority]; L=[Barcelona]; ST=[Barcelona]; C=[ES],10.0 | |
| 7,CN=KPN Corporate Market CSP Organisatie Services CA - G3; O=[KPN Corporate Market B.V.]; C=[NL],1.0 | |
| 8,CN=USERTrust RSA Organization Validation Secure Server CA; O=[The USERTRUST Network]; L=[J |
rolandshoemaker
/ suffixes.txt
Last active
December 23, 2015 02:05
Counts of eTLD+1's that have more than 500 certificates issued for subdomains (according to Googles Pilot CT log)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Popular DNS name suffixes | |
| Count eTLD+1 | |
| 923168 53.7032% cloudflaressl.com | |
| 113932 6.6277% cloudflare.com | |
| 30204 1.7570% tum.de | |
| 25858 1.5042% mpg.de | |
| 13705 0.7973% asu.edu | |
| 13634 0.7931% gwstest.net | |
| 11823 0.6878% hu-berlin.de | |
| 11006 0.6402% badssl.com |
rolandshoemaker
/ pilot-validity-dist.txt
Last active
December 21, 2015 08:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Validity distribution by month | |
| Count Validity period (months) | |
| 130 0.0025% <1 | |
| 2779 0.0531% 1 | |
| 97233 1.8581% 2 * | |
| 323203 6.1762% 3 ****** | |
| 19613 0.3748% 4 | |
| 126802 2.4231% 5 ** | |
| 77970 1.4900% 6 * | |
| 51869 0.9912% 7 |
rolandshoemaker
/ gist:d65f1bc251b70bad95d0
Last active
December 16, 2015 06:02
Pilot CT breakdown, scroll down for CA -> sub-CA lineages
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Largest issuers with no sub CAs and >1000 leaves | |
| Rank 1: 866777 CN=COMODO ECC Domain Validation Secure Server CA 2; O=[COMODO CA Limited]; L=[Salford]; ST=[Greater Manchester]; C=[GB] | |
| Rank 2: 646737 CN=COMODO RSA Domain Validation Secure Server CA; O=[COMODO CA Limited]; L=[Salford]; ST=[Greater Manchester]; C=[GB] | |
| Rank 3: 555286 CN=Go Daddy Secure Certificate Authority - G2; O=[GoDaddy.com - Inc.]; OU=[http://certs.godaddy.com/repository/]; L=[Scottsdale]; ST=[Arizona]; C=[US] | |
| Rank 4: 353828 CN=RapidSSL SHA256 CA - G3; O=[GeoTrust Inc.]; C=[US] | |
| Rank 5: 146056 CN=AlphaSSL CA - SHA256 - G2; O=[GlobalSign nv-sa]; C=[BE] | |
| Rank 6: 131494 CN=StartCom Class 1 Primary Intermediate Server CA; O=[StartCom Ltd.]; OU=[Secure Digital Certificate Signing]; C=[IL] | |
| Rank 7: 129902 CN=Go Daddy Secure Certification Authority; O=[GoDaddy.com - Inc.]; OU=[http://certificates.godaddy.com/repository]; L=[Scottsdale]; ST=[Arizona]; C=[US] | |
| Rank 8: 127819 CN=GlobalSign Organization Validation CA - G2; O=[GlobalSign |
rolandshoemaker
/ pilot-all
Last active
May 3, 2021 12:42
*WIP* Certificate authorities and their sub CA sizes according to Google's Pilot CT log. The first file shows information for all certificates in Pilot (including expired), the second file shows information for only non-expired certificates. Hacky code here: https://github.com/rolandshoemaker/ca-adoption-scanner/blob/master/cmd/ca-sizes/main.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Size rank: 1 | |
| + Equifax, Direct leaves: 32755, Total leaves: 1850722, Direct sub CAs: 7, Total sub CAs 39 | |
| ∟ GeoTrust Global CA, Direct leaves: 31, Total leaves: 1767974, Direct sub CAs: 23 | |
| ∟ RapidSSL CA, Direct leaves: 721323 | |
| ∟ RapidSSL SHA256 CA - G3, Direct leaves: 383200 | |
| ∟ GeoTrust DV SSL CA, Direct leaves: 301677 | |
| ∟ GeoTrust DV SSL CA - G4, Direct leaves: 117370 | |
| ∟ GeoTrust SSL CA, Direct leaves: 61454 | |
| ∟ Volusion, Inc. DV SSL CA, Direct leaves: 46989 | |
| ∟ GeoTrust SSL CA - G3, Direct leaves: 41678 |
rolandshoemaker
/ boulder-dashboard.json
Created
October 4, 2015 04:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "id": 1, | |
| "title": "Boulder", | |
| "originalTitle": "Boulder", | |
| "tags": [], | |
| "style": "dark", | |
| "timezone": "browser", | |
| "editable": true, | |
| "hideControls": false, | |
| "sharedCrosshair": false, |
rolandshoemaker
/ gist:9727fb8817268fd0fda9
Created
October 4, 2015 00:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ff5f00000000000000000000000000000000 | |
| ff5a00000000000000000000000000000000 | |
| fff700000000000000000000000000000000 | |
| ffe700000000000000000000000000000000 | |
| ff5100000000000000000000000000000000 | |
| ff1500000000000000000000000000000000 | |
| ff8700000000000000000000000000000000 | |
| ffad00000000000000000000000000000000 | |
| ff5a00000000000000000000000000000000 | |
| ffc800000000000000000000000000000000 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [roland@niya:...hub.com/letsencrypt/boulder]$ go run ./cmd/ca-bench/main.go -issuanceSenders 10 -ocspSenders 10 -runtime 1m -statsInterval 5s (ca-bench✱) | |
| 2015/09/30 19:09:03 [DEBUG] Parsed OID [2 23 140 1 2 1] | |
| 2015/09/30 19:09:03 [DEBUG] Parsed OID [1 2 3 4] | |
| 2015/09/30 19:09:03 Using default logging configuration. | |
| Running for (approximately) 1m0s | |
| issuances: 59 (rate: 11.80/s, errors: 0), ocsp signings: 58 (rate: 11.60/s, errors: 58), total rate: 23.40/s | |
| issuances: 108 (rate: 10.80/s, errors: 0), ocsp signings: 108 (rate: 10.80/s, errors: 108), total rate: 21.60/s | |
| issuances: 160 (rate: 10.67/s, errors: 0), ocsp signings: 160 (rate: 10.67/s, errors: 160), total rate: 21.33/s | |
| issuances: 210 (rate: 10.50/s, errors: 0), ocsp signings: 209 (rate: 10.45/s, errors: 209), total rate: 20.95/s | |
| issuances: 256 (rate: 10.24/s, errors: 0), ocsp signings: 254 (rate: 10.16/s, errors: 254), total rate: 20.40/s |