mozkeeler / sunlight

Examine the Certificate Transparency Log for Baseline Requirements issues
MIT License

rank BRs by badness #36

Open monicachew opened 9 years ago

monicachew commented 9 years ago

We should just assign these weights and then compute the overall score based on weight. Right now all weights are equal.

Worst to best:

  1. Deprecated Version (weight=40)
  2. Key size (weight=20)
  3. SHA-1 (weight=15)
  4. No OCSP url
  5. Exp too small (weight=10)
  6. period too long (weight=5)
  7. Missing CN in SAN (weight=5)
  8. Missing extKeyUsages extension
  9. Missing certificatePolicies extension

mozkeeler commented 9 years ago

13 8 5 3 2 1 1