[cryptography] An appropriate image from Diginotar

Ralph Holz holz at net.in.tum.de
Thu Sep 1 05:09:02 EDT 2011


Hi,

>> ---
>> @nocombat writes: SSL Observatory: select count(Subject) from
>> valid_certs where Issuer like '%diginotar%' â01
>> ---
> 
> They've only issued 700-odd SSL certs?  Wow, that's low.  OTOH since their 
> gravy train is mainly built around the Dutch government's PKI letter of marque 
> [0], I could imagine that their generic SSL cert business doesn't get much 
> attention.

I have some values from our own scans - scans conducted against hosts on
the Alexa Top 1M list [1]. Here are the domains they have certified on
that list, almost exclusively .nl:

pki_crawl=# SELECT DISTINCT ON(hashcert) host FROM
certificates_28mar2011_nosni WHERE issuer ILIKE '%DigiNotar%';

             host
------------------------------
 www.ebita.nl
 www.notaris.nl
 www.ind.nl
 overijsselkiest.nl
 spijkenisse.nl
 www.salland.nl
 www.vwa.nl
 atom86.net
 nuon.nl
 vlaardingen.nl
 www.liander.nl
 www.studielink.nl
 senternovem.nl
 cbpweb.nl
 akd.nl
 overheid.nl
 www.rdw.nl
 www.haarlemmermeer.nl
 www.mijnpensioenoverzicht.nl
 nijmegen.nl
 rechtspraak.nl
 officielebekendmakingen.nl
 www.rijkswaterstaat.nl
 www.funprice.nl
 www.digid.nl
 www.norrod.nl
 www.woningnet.nl
 www.zuid-holland.nl
 www.bloemendaal.nl
(29 rows)


[1] We'll make the datasets public soon-ish.

Ralph

-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110901/30721f96/attachment.asc>


More information about the cryptography mailing list