Hi, > study this more carefully and sooner as possible. SSL Observatory from > EFF is a step forward but we need more.
Their distributed observatory is probably going to help much here, but I can offer the data sets from our paper. I'll put the paper online tomorrow and paste the link here. > 1 - We need data on the details of certificates obtained from > different geographic/government locations when pointing to popular > endpoints such us google, facebook and so on We did not find any differences in the top 200 or so, and the rest did not seem suspicious. See the links in the previous mail for the set of differing certs. > 2 - We need to map/take_in_account clustered endpoints, like google, > when doing this, since certificates differ in the clusters. We did not observe that too often (Microsoft did it, not sure about Google), but yes, we would need to crawl such clusters. > 3 - Sitting ourselfs in different geographic locations when performing > data collection should be done using different methods (use of > proxy's, people from different countries submitting their certificates > views..???). Sorry, I don't quite get that? Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography