search

cisagov / admiral

Distributed certificate transparency log harvester
Creative Commons Zero v1.0 Universal
14 stars 3 forks source link

Censys Search API #64

Open king-alexander opened 1 year ago

king-alexander commented 1 year ago

💡 Summary

Explore the viability of using the Censys Search API for collecting certificate data.

Motivation and context

Emergency Directive 19-01 requires CISA to monitor Certificate Transparency logs and report new certificates issued to agency domains.

Implementation notes

There are two tasks involved:

  1. Fetch all certificate fingerprints associated with an agency domain.
  2. Fetch the certificate data from a certificate fingerprint.

Acceptance criteria

king-alexander commented 1 year ago

On second thought, the Celery tasks were designed to make web requests, so I believe it will be easier to use the web API. In which case I will need to handle pagination myself.

king-alexander commented 11 months ago

I will also need to implement a new task to fetch certificate data from a fingerprint.

king-alexander commented 11 months ago

The rate limit for a community subscription is 24 requests per minute.