Internet
Regional Registries Countries WHOIS
Runet
Runet AS Runet IX Organizations AS-SET objects AS-SET cycles Runet connectivity Runet services TLS CA in AS Interconnection graph Map
About log in
log out
Рус

TLS CA in autonomous systems

×

Russian and foreign AS in hosting HTTPS/TLS-nodes

Дата:

Russian AS Foreign AS
Number of nodes % Number of nodes %
Number of unique IPv4 addresses
TLS-nodes of Russian sites
Number of Russian sites,
pointing to these IPv4 addresses

TLS CA rating for nodes and names, placed in Russian and foreign AS

Месяц:

Description

Hostnames corresponding to second-level names in Russian TLDs .RU, .SU, .РФ are mapped to IP addresses with DNS A record query. For each resulting pair of IP address and a hostname we attempt to establish a TLS connection on 443/tcp (HTTPS) and download TLS certificates. The certificates received are validated against the built-in list of trusted CA (Certification Authority) certificates (a subset of the well-known NSS/Mozilla list). CA names and subject names in .RU, .SU, .РФ TLDs are extracted from valid certificates, including names in additional fields (SAN). One server certificate downloaded from HTTPS node under a particular domain may include many other names (for example, a certificate received from a host under test.ru has example.com and example.net names included). IP addresses are mapped to AS numbers and cumulative statistics are calculated on obtained data. The rating of CA by AS accounts for IP addresses of nodes that returned certificates of this particular CA, therefore the same autonomous system can be counted multiple times for different CA.