This repository has been archived by the owner on Aug 2, 2023. It is now read-only.
Google should provide log_list.json in it's various derived formats #1474
Comments
|
Its a pain to generate the OpenSSL compliant format (I know), but all you need is python 2.x and a bit of patching since the new JSON schema does not work with the code here! python2.7 utilities/log_list/print_log_list.py \
--log_list log_list.json \
--skip_signature_check \
--log_list_schema log_list_schema.json \
--openssl_output known_logs.cnfNOTE: I skipped signature verification. By the way, I recommend to generate the openSSL file always using the latest files provided by CT to keep up to date with changes. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Certificate transparency adoption would rise if Google's GStatic hosted the OpenSSL, Java, and CPP versions along with the JSON.
Generating the OpenSSL version was long and complex (multiple toolchains, Python, Bazel, etc) and largely undocumented.
Moreover, OpenSSL should include the CT list in its distribution so that it can serve as a root of trust on other operating systems.
Derived version for OpenSSL: https://gist.github.com/rickmark/f56404d159687b9f20ec5cb5e55efd49
The text was updated successfully, but these errors were encountered: