My DokuWiki

User Tools

Site Tools

Trace:
certificate_monitoring

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
certificate_monitoring [2022/11/02 09:18]
kaduuwikiadmin 		certificate_monitoring [2023/05/22 20:40] (current)
Line 2: Line 2:
  
 Many certificate services automatically issues domain-validated (DV) certificates to websites by checking the URL's phishing status against the Google Safe Browsing API. Once issued, the issuer does not monitor the certificates or take any action afterward. Even if Google later flags the domain as malicious, the issuer will not revoke certificates. As a result, many phishing websites are secured with SSL certificates, spoofing the legitimate clients name. By monitoring the certificate logs, you can detect if your organizations name gets spoofed on SSL certificates. The reason why this is possible is that the issuer submits all of the certificates into a certificate transparency log. This is a mechanism designed to increase public transparency into the activities of CAs. The logs can be accessed by Kaduu. Many certificate services automatically issues domain-validated (DV) certificates to websites by checking the URL's phishing status against the Google Safe Browsing API. Once issued, the issuer does not monitor the certificates or take any action afterward. Even if Google later flags the domain as malicious, the issuer will not revoke certificates. As a result, many phishing websites are secured with SSL certificates, spoofing the legitimate clients name. By monitoring the certificate logs, you can detect if your organizations name gets spoofed on SSL certificates. The reason why this is possible is that the issuer submits all of the certificates into a certificate transparency log. This is a mechanism designed to increase public transparency into the activities of CAs. The logs can be accessed by Kaduu.
 +
 +===== What is a certificate transperency log? =====
 +
 +Certificate Transparency (CT) logs are public, append-only logs that are used to record the issuance of SSL/TLS certificates. These logs are designed to improve the transparency and accountability of the certificate issuance process by making it possible for anyone to view the information that is recorded in the logs.
 +
 +  * CT logs are used to record the issuance of SSL/TLS certificates, including the domain name that the certificate was issued for, the identity of the issuing certificate authority (CA), and the public key of the certificate.
 +  * CT logs are publicly accessible, and anyone can view the information that is recorded in them. This allows anyone to verify that a certificate was issued by a trusted CA and that it has not been tampered with.
 +  * CT logs provide a way to detect and revoke misissued certificates, and this makes it more difficult for attackers to obtain fraudulent certificates.
 +  * CT logs can be used to monitor the issuance of certificates in real-time, and this allows organizations to detect and respond to potential security threats more quickly.
 +  * CT logs are an important part of the certificate issuance process, and they are required by modern browsers such as Google Chrome, Mozilla Firefox, and Microsoft Edge, as well as other industry standards.
 +  * There are multiple CT logs operated by different organizations, but all of them are expected to follow the same CT log standard, to ensure consistency and interoperability between them.
  
 ===== What is the benefit of this monitoring? ===== ===== What is the benefit of this monitoring? =====
certificate_monitoring.1667377111.txt.gz ยท Last modified: 2023/05/22 20:40 (external edit)

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki