oss-sec mailing list archives
Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/
From: Reed Loden <reed () reedloden com>
Date: Wed, 25 Nov 2015 07:54:08 -0800
Great idea, Kurt. Is this related to this recent CERT/CC advisory? http://www.kb.cert.org/vuls/id/566724 http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html On Tuesday, November 24, 2015, Kurt Seifried <kseifried () redhat com> wrote:
https://github.com/RedHatProductSecurity/Certificates-Shipped/ The idea is to create a comprehensive list of shipped certs/keys/etc by open source vendors/distributions/projects so that: 1) we have a list of secrets maintained by external parties that we rely upon 2) we can audit them and make sure we should be trusting them 3) also spot changes more easily (since the existing corpus is available)
Current thread:
- Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 24)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Reed Loden (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Hanno Böck (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Josh Matthews (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Daniel Micay (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Reed Loden (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 26)