Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Collect, watch, and analyze SSL/TLS CRL data
Shell Python
branch: master
Failed to load latest commit information.
crl-parsed
crl-raw Update CRL SQL fetching and CRL list
src Update CRL SQL fetching and CRL list
AUTHORS Add AUTHORS file
LICENSE
Makefile Makefile for easier use
README ATM machine, machine
TODO TODO

README

crlwatch - collect, watch, and analyze SSL/TLS CRL data


                                 Files of interest

crl-raw/ - contains all downloaded CRL files hashed and ending with .crl
crl-raw/master-crl-list.txt - a sorted and uniq list of all discovered CRLs
crl-raw/raw-crl-sql-output-list.txt - an unsorted raw list of the CRL SSL
                                      observatory data
crl-parsed/ - contains text output for every parsed CRL; the names are hashed
              and end with .crl2txt
fetch-crls.sh - Fetch all known CRLs over Tor
git-commit-crl-data.sh - Process all CRL files and pack them into a git repo
parse-raw-crl-to-text.sh - parse a given CRL file into readable text
generate-crl-list.sql - pull relevant information from the observatory
parse-crl-list.py - parse raw SQL output into a list useful for sorting

                                Examples

Do a bunch of stuff that you want to do regularly:

    make

Generate a full list of all known CRL files:

  parse-crl-list.py raw-crl-sql-output-list.txt \
                    |sort|uniq > master-crl-list.txt

Fetch all of the listed CRL files:

  fetch-crls.sh master-crl-list.txt

Parse and commit all CRL files:

  git-commit-crl-data.sh master-crl-list.txt

Parse a single CRL into text:

 parse-raw-crl-to-text.sh foo.crl

Something went wrong with that request. Please try again.