On Wed, Mar 25, 2020 at 10:21:36PM -0700, Benjamin Kaduk wrote: > I tihnk it's an interesting idea. To me, perhaps the most valuable part > would be to accumulate a corpus of certificates/chains that are malformed > or fail to validate due to a wide variety of errors, almost akin to a > fuzzing corpus. I'd also be curious (though I'm not entirely sure how > large a practical impact it would have) to perform a clustering analysis > across different X.509 implementations and see if different implementations > produce different distributions of errors. (That is, we might expect each > implementation to have an error for "not valid yet", "expired", "missing > required ASN.1 field", etc.; each implementation will have a different > error string, of course, but if we group all certificates that produce the > same error with the same implementation together, we have a bunch of > different clusters. Repeating the clustering across all implementations > lets us compare the different distributions, and examine certificates that > end up in a different cluster in different implementations.)
That's what frankencert did. Kurt