[atlas] HTTPS interception in Atlas probes
- Previous message (by thread): [atlas] USB stick?
- Next message (by thread): [atlas] Probe Fulfilment
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Mar 3 17:22:25 CET 2017
After this excellent talk at NDSS 17 <https://www.internetsociety.org/doc/security-impact-https-interception>, I wanted to see if there are some Atlas probes behind such an interceptor. I cannot run on all Atlas probes (maximum daily spending limit) but I've found at least one: % python cert.py --requested 500 --area North-Central --issuer www.afnic.fr 497 probes reported [<X509Name object '/C=NL/O=OCOM/OU=Security Dep/CN=amspan01.ocom.lan/emailAddress=security at leaseweb.com'>] : 1 occurrences [<X509Name object '/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Extended Validation CA - SHA256 - G2'>] : 496 occurrences Test #7854923 done at 2017-03-03T16:20:43Z The probe is #10035, in Amsterdam <https://atlas.ripe.net/probes/10035/#!tab-general> The cert.py program is at <https://github.com/RIPE-Atlas-Community/ripe-atlas-community-contrib>
- Previous message (by thread): [atlas] USB stick?
- Next message (by thread): [atlas] Probe Fulfilment
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]