[SSL Observatory] Passive certificate notarization by an IDS; divergent query protocols

Zack Weinberg zackw at cmu.edu
Wed Feb 27 13:35:15 PST 2013


As part of a larger research project I'm thinking about the possibility 
of running notary queries on every certificate that an IDS sees go by. 
Before I sit down and pound out a bunch of code, I was wondering if 
anyone has already written something that does this (ideally for Bro, 
but we could talk about other IDSes as well).  I also noticed that 
Convergence, Perspectives, and the ICSI notary seem to implement three 
different query protocols (two HTTP-based, one DNS-based); this seems 
like an unfortunate divergence to me, and so I am also wondering if 
there is any plan to document and standardize how notaries are queried.

Thanks,
zw



