danwent / Perspectives-Server

network notary implementation for the Perspectives project
http://perspectives-project.org
GNU General Public License v3.0

Let users request on-demand scans of a website #20

Open daveschaefer opened 11 years ago

daveschaefer commented 11 years ago

When a website legitimately updates its certificate it normally has to wait for the notary's scheduled scanning process to run before information is updated. This is not ideal as it can take a long time for the updated cert information to propagate, and users will see a scary red 'X' for the site.

Add an optional feature that allows any visitor to submit the name of a site to be scanned on demand. The notary will then attempt to scan the site just as it normally would, using the same settings, and update its database with the new certificate information. Legitimate site owners or good samaritans could then notify notaries that a certificate has changed.

It is important that the notary itself do the scanning and that the only input allowed by the user is the name of the site. Also, scans should be rate-limited, perhaps by IP address, by target site, and by total requests in 24 hours, so that the notary cannot be overwhelmed.

danwent commented 10 years ago

Yeah, I think we could have a simple rule like we will do at most one on-demand probe per service_id per day per notary server. If this is to handle a legitimate one-time key change, such things should be very infrequent, such events should be very rare.

Dan

On Sun, Jul 28, 2013 at 9:00 PM, Dave notifications@github.com wrote:

When a website legitimately updates its certificate it normally has to wait for the notary's scheduled scanning process to run before information is updated. This is not ideal as it can take a long time for the updated cert information to propagate, and users will see a scary red 'X' for the site.

Add an optional feature that allows any visitor to submit the name of a site to be scanned on demand. The notary will then attempt to scan the site just as it normally would, using the same settings, and update its database with the new certificate information. Legitimate site owners or good samaritans could then notify notaries that a certificate has changed.

It is important that the notary itself do the scanning and that the only input allowed by the user is the name of the site. Also, scans should be rate-limited, perhaps by IP address, by target site, and by total requests in 24 hours, so that the notary cannot be overwhelmed.


Dan Wendlandt
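
An added example, not code from the Perspectives-Server project or from either commenter: a gate that applies the limits discussed in this thread (the site name as the only user input, at most one on-demand probe per service_id per day, plus per-IP and total 24-hour caps) before a request is handed to the notary's normal scanner. The `host:port,2` service_id layout, the function and class names, and the default limits are assumptions.

```python
import re
import time
from collections import defaultdict, deque

DAY = 24 * 60 * 60
HOST_RE = re.compile(r"^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def normalize_service_id(raw):
    """Map user input 'host[:port]' to a service_id, or None if it is anything else."""
    host, _, port = raw.strip().lower().partition(":")
    port = port or "443"
    if len(host) > 253 or not HOST_RE.match(host):
        return None          # rejects URLs, paths, IP literals, shell metacharacters
    if not re.fullmatch(r"[0-9]{1,5}", port) or not 1 <= int(port) <= 65535:
        return None
    return "%s:%d,2" % (host, int(port))   # assumed "host:port,type" layout

class ScanGate:
    """Decides whether an on-demand scan request may be queued."""
    def __init__(self, per_ip=5, total=500, clock=time.time):
        self.per_ip, self.total, self.clock = per_ip, total, clock
        self.last_probe = {}               # service_id -> time of last on-demand probe
        self.by_ip = defaultdict(deque)    # client IP -> attempt times within 24 hours
        self.accepted = deque()            # accepted probe times within 24 hours

    @staticmethod
    def _trim(times, now):
        while times and now - times[0] >= DAY:
            times.popleft()

    def request(self, client_ip, raw_site):
        """Return (True, service_id) to scan, or (False, reason) to refuse."""
        now = self.clock()
        attempts = self.by_ip[client_ip]
        self._trim(attempts, now)
        self._trim(self.accepted, now)
        if len(attempts) >= self.per_ip:
            return False, "per-IP limit reached"
        attempts.append(now)               # every attempt counts, valid or not
        sid = normalize_service_id(raw_site)
        if sid is None:
            return False, "invalid site name"
        last = self.last_probe.get(sid)
        if last is not None and now - last < DAY:
            return False, "already probed in the last 24 hours"
        if len(self.accepted) >= self.total:
            return False, "notary daily limit reached"
        self.last_probe[sid] = now
        self.accepted.append(now)
        return True, sid
```

The gate only decides; on `(True, service_id)` the caller passes the returned service_id, never the raw input, to the same scanner and settings the scheduled scans use.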