search

zkemail / archive.prove.email

A repository to store historical, timestamped DKIM keys; and for anyone to upload their own. Basically https://archive.org for public key registries.
https://registry.prove.email
MIT License
4 stars 3 forks source link

Fetch the auth0.netflix.com and netflix.auth0.com keys for zk jwt too #4

Open foolo opened 9 months ago

foolo commented 9 months ago

From #1

we should fetch the auth0.netflix.com and netflix.auth0.com keys for zk jwt too, but that's a lower priority feature

foolo commented 6 months ago

Yush G, [2024-03-18 19:38] That public key for Netflix auth is in DNS at auth0.netflix.com/pem

Yush G, [2024-03-18 19:38] Or at https://netflix.auth0.com/.well-known/jwks.json

Yush G, [2024-03-18 19:41] Similarly, it rotates and needs backups

Divide-By-0 commented 5 months ago

Olof, 2024-03-26

maybe this one: in the 1M list, there is zebra.com. Then my script found https://zebra.auth0.com/.well-known/jwks.json , but we don't know for sure whether this url actually corresponds to zebra.com (at least as far as i can see). Maybe it really belongs to another company, like zebra.de, or maybe a company with "zebra" as a part of their name, but their preferred tenant name was already taken, so they chose "zebra" instead, many possibilites :)

Yush G, 2024-03-26

What if we could search all the DNS domains here: https://hackertarget.com/find-dns-host-records/

To match the cname format from here: https://auth0.com/docs/customize/custom-domains/auth0-managed-certificates

foolo commented 5 months ago

Yush G, 2024-03-26

What if we could search all the DNS domains here: https://hackertarget.com/find-dns-host-records/ To match the cname format from here: https://auth0.com/docs/customize/custom-domains/auth0-managed-certificates

@Divide-By-0 I looked bit a this. Some potential obstacles: