[cryptography] Interactive graph of the CA ecosystem

Bernhard Amann bernhard at ICSI.Berkeley.EDU
Sat Dec 15 15:53:56 EST 2012


On Dec 14, 2012, at 8:24 AM, Ralph Holz <holz at net.in.tum.de> wrote:

> Hi,
> 
>> To that end, have y'all thought of other views that would be
>> interesting to have? Also, can you put more meta data along with the
>> provider? Such as address, parent company, how long they've been a CA,
>> (if it's known) how many certs they've signed?
> 
> Certainly nice information.
> 
> @Bernhard: That information can be found in the Mozilla spreadsheet that
> Kathleen Wilson maintains in Google Docs. A Google search of
> moz.dev.sec.pol should yield it.

The information on how many certificates each CA has signed already is in
the graph. Just click on whatever CA; the bar that slides out on the left shows
the number of certificates directly signed by the CA as "Child certificates".

And I found the spreadsheet  at http://tinyurl.com/MozillaBuiltInCAs.

You are right, especially including owner Information would be interesting - and
at a first glance it should be possible to import the spreadsheet in our database
and (hopefully) automatically match it to the certificates. 

I will note it as a to do for the next version :). It is not entirely trivial, because at the 
moment our database does not contain all fields that are required to match.

Bernhard


More information about the cryptography mailing list