search

CaliDog / certstream-server

Certificate Transparency Log aggregation, parsing, and streaming service written in Elixir
https://certstream.calidog.io
MIT License
271 stars 75 forks source link

Move data.chain to full-stream #47

Closed Synse closed 3 years ago

Synse commented 4 years ago

If https://github.com/CaliDog/EasySSL/pull/11 is merged and version bumped here it would add issuer to the leaf_cert data.

I think adding the issuer and moving chain to /full-stream would reduce the data transfer for most use cases.

For anyone that needs the full issuing chain, everything would still be available (albeit slightly larger with the der encoded certificate and new issuer field) in the full stream.

Fitblip commented 3 years ago

Yeah agreed, I think most people are using the stream to just read the "all dns names" array, and this would probably be good to do. Not sure when I'll have time to get to it, but I might find a random day to do it!

Synse commented 3 years ago

The PR mentioned above was merged and c672a9b bumped EasySSL from 1.1.2 to 1.3.0 so issuer (and some other fields) are now included for leaf_cert (and certs in chain) so this should be viable now.

I'll also take a look if I get some free time.

Fitblip commented 3 years ago

Hey there @Synse, thanks for the suggestion. This is implemented in #56, and will be live on certstream.calidog.io shortly!

Let me know if you run into any issues :)

Synse commented 3 years ago

Just following up to say this is working great, thanks for implementing!