Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

With that said, given that (1) pre-certificates in the log are big and (2) lifetimes are shortening and so there will be a lot of duplicates, it seems like it would be good for someone to make a feed that was just new domain names.


There's an extension to static-ct-api, currently implemented by Sunlight logs, that provides a feed of just SANs and CNs: https://github.com/FiloSottile/sunlight/blob/main/names-tile...

For example:

  curl https://tuscolo2026h1.skylight.geomys.org/tile/names/000 | gunzip
(It doesn't deduplicate if the same domain name appears in multiple certificates, but it's still a substantial reduction in bandwidth compared to serving the entire (pre)certificate.)


Merklemap offers that: https://www.merklemap.com/documentation/live-tail


These exist for apex domains; the real use-case is subdomains.


Sure, but the subdomains will be duplicated for the same reasons.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: