Hi all,
I am new to cert transparency, and I don't understand something I am seeing:
I am using Cali Dog's CertStream to monitor new cert issuance and I am seeing multiple X509LogEntries for a single host (I filtered out PreCerts).
Below are few examples of what I mean, the layout is:
hostname
source log
update type
message type
authority
fingerprint
serial number, and
I added a timestamp of when I it was read from the certstream
The host, source, and CA is the same, and the fingerprint and serial number is different. At first I thought it might be some kind of propagation between logs, but in the example below the polled log is the same in all three cases...
I would really like to understand what I am looking at. I was hoping someone could take the time to explain it :)
Thx in advance,
Adam
zz5b0zbooks.ml, Google 'Pilot' log, X509LogEntry, certificate_update, OCSP - URI:http://ocsp.comodoca4.comCA Issuers - URI:http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt, 03:9D:02:34:E8:E7:DF:DC:10:19:24:8A:2C:A9:93:E9:20:71:95:93, 4514A395208FD36ADB8582D9394EE1CE, 2018-06-08 18-27-20
zz5b0zbooks.ml, Google 'Pilot' log, X509LogEntry, certificate_update, OCSP - URI:http://ocsp.comodoca4.comCA Issuers - URI:http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt, 06:13:3E:FB:F5:01:5D:BD:02:E9:DC:E2:05:C3:D4:38:64:03:DD:68, D2C3635EFF70175FC53A20F09724CA65, 2018-06-08 18-27-26
zz5b0zbooks.ml, Google 'Pilot' log, X509LogEntry, certificate_update, OCSP - URI:http://ocsp.comodoca4.comCA Issuers - URI:http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt, 87:67:E5:37:67:5E:57:1A:5F:B7:C7:C5:4F:92:6F:13:1D:9E:2B:98, DE706E2A682BBB580B63725941E49195, 2018-06-08 18-27-20
--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/c8669aee-6ced-4de5-ba90-5b4cb7785e3c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.