[cryptography] Expired/Revoked certificates + private keys

Jeffrey Walton noloader at gmail.com
Fri Aug 16 11:14:09 EDT 2013


On Fri, Aug 16, 2013 at 11:03 AM, Dominik Schürmann
<dominik at dominikschuermann.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> For a research project on OCSP, we are searching for expired and
> revoked X.509 certificates with their corresponding private keys. Any
> help or pointers to find leaked keys are much appreciated.
littleblackbox (http://code.google.com/p/littleblackbox/) is a
database of well known private keys from a number of devices and
appliances. As far as I know, most have never been revoked (or the
device/appliance updated) even though they are well known.

Jeff


More information about the cryptography mailing list