[SSL Observatory] Passive certificate notarization by an IDS; divergent query protocols

Seth Hall seth at icir.org
Wed Feb 27 18:04:37 PST 2013


On Feb 27, 2013, at 4:35 PM, Zack Weinberg <zackw at cmu.edu> wrote:

> As part of a larger research project I'm thinking about the possibility of running notary queries on every certificate that an IDS sees go by. Before I sit down and pound out a bunch of code, I was wondering if anyone has already written something that does this (ideally for Bro, but we could talk about other IDSes as well).

Bro's master branch in our git repository already has a script which does this.  If you clone our repository, it's in scripts/policy/protocols/ssl/notary.bro

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/





More information about the Observatory mailing list