[cabfpub] Possible CAB Forum objection to some gTLD applications

Brian Trzupek BTrzupek at trustwave.com
Sat Jun 30 00:20:11 UTC 2012

Geoff - this IS very interesting data. What was the size of the data set to start?

Sent from my iPhone

On Jun 29, 2012, at 4:12 PM, "Geoff Keating" <geoffk at apple.com> wrote:

> I ran some queries against my database of certificates.  There were 385 domains for which I saw at least one certificate with a DNS name whose last component was in the list of 1300 new gTLD names.  There were 215 domains with a certificate where the domain name had more than one component (eg 'autodiscover.active' rather than just 'active').
> These results included all certificates, including self-signed and expired.  Self-signed certificates are still affected because if a trusted CA issues autodiscover.active, it'll allow a man-in-the-middle attack against a self-signed autodiscover.active.
> What I found surprising was the most popular name.  I had for sure expected something like 'corp' or 'exchange'.  It actually turns out that the most popular, by a huge margin, is 'box':
> box    129973 (associated with 26164 certificates, almost all self-signed)
> mail     7530 (of which almost all are just 'mail')
> exchange 4881 (of which almost all are just 'exchange')
> corp     3891
> office    492
> The full list, counted by DNS names (so two certificates each containing 'mail' and 'www.mail' total to 4), is this:
> <domlist-results-2.html>
> I also made a list of the number of unexpired trusted certificates in each proposed TLD, containing more than one component.  These are the certificates that would likely need to be revoked, if they haven't been already.  Here '.corp' is the most popular:
> <domlist-trusted.html>
> <smime.p7s>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> http://cabforum.org/mailman/listinfo/public

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

More information about the Public mailing list