Comments (6)
0xdiba
commented on July 29, 2024
I totally agree with both.
Probably the same thing must be done to the issuer column.
Should we make these fields jsonb fields for consistency or
go with different fields for all of them ? ( subject_cn, subject_o etc... )
from tls-observatory.
jvehent
commented on July 29, 2024
A different column for each seems overkill, but better in line with how databases are supposed to work.
jsonb would allow us to query inside without require multiple columns, I like that options (select subject->>'CN').
Or we can just store the string: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.google.com
Whichever you think is best.
from tls-observatory.
jvehent
commented on July 29, 2024
Another side effect of the current code is that a number of CA certs don't have a CN, and their subject columns are empty in the database. For example:
observatory=> select count(id) from certificates where is_ca='t' and subject='';
count
-------
68from tls-observatory.
0xdiba
commented on July 29, 2024
Yes a lot of CAs have an empty CN.
This will be solved by transforming the subject and issuer columns to type jsonb and storing all the fields that identify the subject or issuer ( CN, C , O ...).
from tls-observatory.
0xdiba
commented on July 29, 2024
Isn't this solved with the merging of #77 ?
from tls-observatory.
jvehent
commented on July 29, 2024
Yep. 👍
from tls-observatory.
Related Issues (20)
- CODE_OF_CONDUCT.md file missing
- Please consider using semver compatible tags
- ssl_prefer_server_ciphers off causes TLS level Non-compliant HOT 1
- Root store results do not match current Firefox HOT 1
- Symantec Cert Waring - False Positives HOT 2
- CI failing to find MS CA cert HOT 2
- panic: runtime error: index out of range [0] with length 0
- Modify CircleCI config to avoid rate limiting.
- Scan API doesn't return results HOT 2
- Add worker health output to __heartbeat__ endpoint. HOT 1
- Wrong ECC keys length ? 512 to 521
- EV Checker: BRs no longer require OCSP URI in the AIA of intermediate certificates HOT 1
- EV Checker: resulting message confusing
- Error initializing top1m
- Please correct the IsTechnicallyConstrained logic in the certificate tool
- Build fail on power machine
- Crypto Go :we are a research group to help developers build secure applications.
- Add support for PSS algorithms in /certificates and certsplainer
- TLS Observatory does not recognize Let's Encrypt Certs HOT 11
- TLS Observatory: certsplainer.html displaying incorrect data
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tls-observatory.