Follow

crt.sh – certificate search and monitoring:

crt.sh/

– Tool to search for certificates and their details (e.g., CA, serial number, hash values).
– Allows you to monitor issuing of new certificates via RSS/Atom (example: crt.sh/atom?q=infosec-handbook).

@infosechandbook What do you Think about Certs? Do every website load leak my Ip adress to the CA? You use Lets Encrypt but it is also an american NGO... so do you trust this chain witch your browser is building?

Do you know WPIA? Whats your opinion about this NGO?
wpia.club/de/

@cires

If your web browser loads a website with a certificate, the cert is checked locally in your web browser. Either your browser or your operating system store root certs of CAs that allow them to check this. There is no traffic between clients and CAs.

However, a web server offering OCSP without any extension leaks your IP address to the CA. We use OCSP stapling, so there is no leak. The traffic is solely between your clients and our web server.

Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse.