by Johanna Amann | Mar 6, 2014 | notary, ssl
Update: we now host a test server at gnutls.notary.icsi.berkeley.edu. See gnutls command lines below. The recent GnuTLS certificate verification bug made it possible to craft an arbitrary certificate in a way that GnuTLS would validate correctly against a...
by Johanna Amann | Jan 4, 2013 | notary, ssl
Turktrust, a Certificate Authority (CA) that is trusted by all major browsers and systems accidentally issued intermediate CA certificates instead of end-host certificates to two of its clients. Both of these intermediates were valid and signed by the Turktrust root,...
by Johanna Amann | Dec 14, 2012 | notary, ssl
As we mentioned in our preceding blog posting, ICSI has been harvesting details about SSL connections and their contained certificates since the beginning of this year.We use the data to provide a notary service to the community, which can be used to retrieve...
by Matthias Vallentin | Nov 2, 2012 | community, dns, notary, ssl
Today, we are happy to publicly announce the ICSI Certificate Notary. This service provides near real-time reputation information on a large number of TLS/SSL certificates seen in the wild, collected continuously by Bro at several partner network sites. The notary’s...