mozilla / crlite

WebPKI-level Certificate Revocation via Multi-Level Bloom Filter Cascade
http://www.cs.umd.edu/~dml/papers/crlite_oakland17.pdf
Mozilla Public License 2.0
77 stars 6 forks source link

Include SCTs in rust-query-crlite output #312

Closed jschanck closed 4 months ago

jschanck commented 4 months ago

Adds some debugging output that will help us diagnose issues with low coverage.

Sample output (the lines starting with DEBUG - SCT are new):

DEBUG - Loaded certificate from facebook.com
DEBUG - Issuer DN: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
DEBUG - Serial number: 058f2602d87cfac7860bd0471b527c7a
DEBUG - Issuer SPKI hash: 936bfae7bc41b0e55ed4f411c0eb07b30ddbb064f657322acf92bee7db0d430b
DEBUG - Issuer enrollment key: Y9KTj27tGscomxSudZYfWJHcTkyXFvsyH6IybXChDzM=
DEBUG - SCT from Google 'Argon2024' log at 1714868970209 is in observed interval [1654791529771, 1721347171488].
INFO - facebook.com Good
DEBUG - Loaded certificate from en.wikipedia.org
DEBUG - Issuer DN: C=US, O=Let's Encrypt, CN=E5
DEBUG - Serial number: 045a7c883edcc31b1a400b5d23a007add957
DEBUG - Issuer SPKI hash: 3586d4ecf070578cbd27aedce20b964e48bc149faeb9dad72f46b857869172b8
DEBUG - Issuer enrollment key: va993LAfb2SYQMCTDekgmMF0Dj0xQN+QG1qOBj244sQ=
DEBUG - SCT from non-enrolled DigiCert Yeti2024 Log at 1718599929364.
DEBUG - SCT from non-enrolled Sectigo 'Mammoth2024h2' at 1718599929559.
WARN - en.wikipedia.org NotCovered