Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-9057

Implement a validator for the Google Safe Browsing API

    Details

    • Provenance:
      Internal Delivery
    • Sprint:
      EJBCA Team Alice - 2020 w13, EJBCA Team Alice - 2020 w16

      Description

      You can use the Google Safe Browsing API to prevent certificate issuance to malicious actors trying to get certificates for their phishing site.

      https://developers.google.com/safe-browsing/v4

      The API is public, but you need an API key from Google. Google provides both a "Lookup API" and an "Update API". The "Lookup API" seems to be a good start, but support for the "Update API" could be added later.

      Submit dnsNames in the certificate to the API and check for threats before issuance. A DnsNameValidator can do this.

      Don't forget to add some documentation.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              bastianf Bastian Fredriksson
              Reporter:
              bastianf Bastian Fredriksson
              Verified by:
              Henrik Sunmark
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 4 hours
                  4h
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 4 hours
                  4h