[cryptography] Interactive graph of the CA ecosystem
Antonio Araujo Brett
aaraujo at cenditel.gob.ve
Fri Dec 14 09:08:18 EST 2012
What a superb work.
Antonio Araujo Brett
El 14/12/12 00:47, Bernhard Amann escribió:
> Hi All,
> We just released an interactive graph that shows the relationship
> between the root-CAs of the Mozilla root-store and their intermediates
> at http://notary.icsi.berkeley.edu/trust-tree/.
> Root-CAs are pictured as red nodes, intermediate CAs are green.
> The node diameter scales logarithmically with the number of
> certificates signed by the node. Similarly, the color of the green
> nodes scales proportional to the diameter.
> The data source for this graph is the ICSI SSL notary , which we
> previously announced on this mailing list. We have been passively
> monitoring the Internet uplinks of a number of (mostly) edu
> networks for certificate and SSL information for about 10 months.
> Clicking on individual nodes reveals additional information about the
> CAs, especially the number of valid child certificates we currently
> know for it.
> In the graph, the CA that directly signed the largest number of
> is the Go Daddy Secure Certification Authority, an intermediate of
> GoDaddy. Our current dataset contains over 74,000 certificates
> that it signed.
> The DFN-Verein CA has signed the largest number of intermediate
> CA certificates. As you might know it provides certificates for
> many German higher education and research institutions. It creates
> a unique sub-CA for each institution for which it issues certificates.
> Our data set currently contains more than 200 sub-CAs of it.
> The DFN does this for administrative reasons. The control of the
> private keys of all sub-CAs remains at the DFN and they check
> each certificate request.
> If you have any questions or comments about this, please let us
> : http://notary.icsi.berkeley.edu/
> cryptography mailing list
> cryptography at randombit.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography