Skip to content

Instantly share code, notes, and snippets.

View rmhrisk's full-sized avatar

Ryan Hurst rmhrisk

82 followers · 44 following
View GitHub Profile
@rmhrisk
rmhrisk / webpki-report.md
Created March 18, 2024 15:15
Rank Certificate Authority Unexpired Precertificates Percentage Cumulative %
1 Internet Security Research Group 338,978,164 47.928% 47.928%
2 DigiCert 81,481,742 11.521% 59.449%
3 Sectigo 71,963,799 10.175% 69.624%
4 GoDaddy 69,771,281 9.865% 79.489%
5 Amazon Trust Services 56,893,730 8.044% 87.533%
6 Google Trust Services LLC 56,021,094 7.921% 95.454%
7 Microsoft Corporation 23,484,401 3.320% 98.774%
8 IdenTrust Services, LLC 4,385,571 0.620% 99.394%
@rmhrisk
rmhrisk / WebPKI Region and Country.py
Last active April 4, 2024 23:18
Look at CA distribution by region and country
import pandas as pd
import requests
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from io import StringIO
from datetime import datetime, timezone
import time
import matplotlib.pyplot as plt
@rmhrisk
rmhrisk / webpki-ca-countries.py
Created March 18, 2024 22:45
import pandas as pd
import requests
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from io import StringIO
from cryptography.hazmat.primitives import hashes
import matplotlib.pyplot as plt
def download_csv(url):
response = requests.get(url)
@rmhrisk
rmhrisk / WebPKI Business Sales.md
Last active March 25, 2024 17:33

WebPKI and Digital Signature related M&A + Investment + Public Offerings

  • This was inspired by Matt Suiche's great post on cyber security M&A related activity; there is some overlap but not much.
  • This is all public data.
  • I have also intentionally excluded sales of WebPKI key material, not only are these prices not public but they are usually very special cases that are in-essence impossible to compare effectively.
  • I have also included HSMs, Smart card, Digital signatures and CA related software companies in this list as it seems relevant.
Purchased Purchaser Date Price Structure Notes
@rmhrisk
rmhrisk / WEB PKI CA Revenue.md
Last active November 15, 2021 22:15

WebPKI CA Revenue

Company Year Amount
BuyPass 2015 They reported revenue of 192 million Norweigan Krones in 2015; using today's exchange rate, this is about $23 million US dollars.
Quovadis 2016 WISeKey reported QuoVadis (whom they acquired) had revenue of $18
@rmhrisk
rmhrisk / Progressive Web Applications, Isomorphic Javascript and Web Crypto.md
Last active June 3, 2020 08:41
Progressive Web Applications, Isomorphic Javascript and Web Crypto

A Progressive Web Appplication uses modern web capabilities to deliver an app-like user experience, these applications are sometimes built as isomorphic web applications. In these cases, much of the code that runs on the client also runs the server.

This combination of approaches and the various technologies that make them possible are being used to build a new class of web applications that can often come together quicker and in many cases are indistinguishable from native applications.

So much so, thanks to Electron, you can often wrap these web applications as "native applications". These web-native applications look great too, if you use Slack or Visual Studio Code you know what I am talking about.

I believe Web Crypto is a great addition to this toolchain. With the Web Crypto these applications can incorporate strong,

@rmhrisk
rmhrisk / Web Crypto and Web Application Security Basics.md
Last active July 12, 2019 07:42
Web Crypto and Web Application Security Basics

If you are going to be using Web Crypto in your application you better also get the basics of Web Security in your application taken care of. This is a list of resources that are useful when looking at the security of a web application.

TLS

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network.

Resources

@rmhrisk
rmhrisk / WebCrypto Support.md
Last active July 12, 2019 07:42
WebCrypto Support as of May 4th 2017

Edge image

Safari image

Chrome image

Firefox

@rmhrisk
rmhrisk / Web Crypto is Everywhere.md
Last active October 31, 2018 15:17
Web Crypto is Everywhere!

We do security-oriented development in Javascript on both the server (Node) and in the browser and strive to share code whenever possible. This led us to build a few different libraries based on Web Crypto, the first of which was PKIjs.

The first commit to PKIjs, our PKI library for browsers based on Web Crypto, was in February of 2014. When we started this project Web Crypto was basically only supported by Chrome. Today that picture has changed a lot and all major browsers support it to varying degrees.

Using Web Crypto made sense to use as the cryptographic library for this project for a few reasons, one of the largest being the risks associated with Javascript based cryptography.

Though browser support for Web Crypto has improved significantly there are still a [few rough edges](https://www.boxcryptor.com/de/blog/post/bui

@rmhrisk
rmhrisk / fedor ping.md
Last active November 24, 2016 09:19
fedor ping.md 
Ryans-MBP:room_react_skylink rmh$ ping google.com
PING google.com (216.58.193.78): 56 data bytes
64 bytes from 216.58.193.78: icmp_seq=0 ttl=55 time=6.156 ms
64 bytes from 216.58.193.78: icmp_seq=1 ttl=55 time=5.830 ms
64 bytes from 216.58.193.78: icmp_seq=2 ttl=55 time=7.903 ms
64 bytes from 216.58.193.78: icmp_seq=3 ttl=55 time=7.963 ms
64 bytes from 216.58.193.78: icmp_seq=4 ttl=55 time=6.510 ms
64 bytes from 216.58.193.78: icmp_seq=5 ttl=55 time=4.856 ms
64 bytes from 216.58.193.78: icmp_seq=6 ttl=55 time=6.755 ms