Recent events have really thrown light onto something I’ve been feeling for a while now: we need better public information about the state of the secure internet. We need to be able to answer questions like:
- What proportion of CA-signed certs are using MD5 signatures?
- What key lengths are being used, with which algorithms?
- Who is issuing which kinds of certificates?
So I decided to go get some of that information, so that I could give it to all of you wonderful people.
