Skip to content

Instantly share code, notes, and snippets.

  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save robstradling/a5590b6a13218fe561dcb5d5c67932c5 to your computer and use it in GitHub Desktop.
Survey of key sizes in unexpired publicly-trusted server certs, as of 2021-01-07
Count Key Algorithm Key Size min(crt.sh ID) max(crt.sh ID)
403267520 RSA 2048 14 3887788878
67076276 EC 256 2771492 3887788865
57012579 RSA 4096 398 3887788867
6467447 EC 384 2771491 3887788832
3098147 RSA 3072 12070670 3887788756
4658 RSA 8192 242899024 3886849719
695 RSA 1024 42 3702550713
116 RSA 3456 1237838607 3882686786
103 RSA 4048 1112885148 3815023853
99 RSA 2432 326763953 3560832665
73 EC 521 960649340 1695407201
66 RSA 2056 1089717356 3875666648
58 RSA 3096 1305570796 3870189307
53 RSA 2096 1143114034 3783082921
47 RSA 2408 1150358242 3790164609
37 RSA 5120 313912055 3330564960
31 RSA 3128 845230178 3062578212
30 RSA 2560 1352045620 3813190209
30 RSA 2080 1753492671 3737282716
29 RSA 4056 234452479 3592108589
19 RSA 4098 917937881 3534830761
18 RSA 3200 2383513074 3865159205
18 RSA 8096 1262954884 3806374055
16 RSA 2480 2363849105 3547430495
15 RSA 1536 12728841 2382680792
14 RSA 4069 301899504 2074718985
14 RSA 2222 1025712463 2706962952
13 RSA 3048 2118839052 3840828820
11 RSA 2064 3201639714 3275452958
9 RSA 2049 291973249 2310032071
7 RSA 4192 1089209100 2907532214
6 RSA 3000 1773479401 2658576186
6 RSA 2058 327405400 3150234739
6 ERROR! -1 1914312 35033387
5 RSA 2084 962426735 2309988066
5 RSA 4906 1139143684 2080518408
4 RSA 16384 1792486455 2763714084
4 RSA 2176 3758829426 3758885480
4 RSA 3078 1540254449 1609059405
4 RSA 3248 2023707822 2793216084
4 RSA 4028 339247744 3028729702
4 RSA 4086 329487340 3150234754
4 RSA 4092 274415268 2151086779
4 RSA 4094 1256714238 2372917221
4 RSA 5096 2422653451 2645872904
4 RSA 6144 1659288981 3407748887
4 RSA 7680 2511635618 3882964819
3 RSA 2047 12716461 12723478
3 RSA 3024 2149436865 2557188727
3 RSA 4095 1271590796 2512694351
3 RSA 3042 1576514174 1597912791
2 RSA 4024 3475080431 3475080473
2 RSA 2032 1262100542 1864020733
2 RSA 2448 1120931127 1145039421
2 RSA 2400 3150160058 3150160070
2 RSA 2344 1543505575 1563007284
2 RSA 8196 1437388936 1445638919
2 RSA 16000 3410093258 3410093309
2 RSA 2648 2480375007 2480375024
2 RSA 2549 2147500948 2194412683
2 RSA 2045 2774 16284756
2 RSA 3584 1434437414 1434439190
2 RSA 3064 3470912550 3470912610
2 RSA 2848 2693743582 2693743727
2 RSA 8000 2994188425 2994346962
2 RSA 3080 3558355412 3581165052
2 RSA 2664 3410048673 3410048939
2 RSA 3112 1923239050 1923242158
2 RSA 3192 3372968979 3372969022
2 RSA 2216 3281705633 3281705640
2 RSA 4097 1204152824 1204154182
2 RSA 2088 2904794597 2904794631
2 RSA 5000 3410039084 3410039168
2 RSA 16016 3410108268 3410108360
2 RSA 16383 967197675 1707813510
1 RSA 10240 2147485190 2147485190
1 RSA 2504 1168914384 1168914384
1 RSA 2046 12714631 12714631
1 RSA 2208 3168741985 3168741985
1 RSA 3333 3014942337 3014942337
1 RSA 4072 3604826634 3604826634
1 ERROR! 2048 2697208174 2697208174
WITH cas AS (
SELECT DISTINCT ctp.CA_ID
FROM ca_trust_purpose ctp
WHERE ctp.TRUST_CONTEXT_ID IN (1, 5, 12, 6, 25, 17, 23)
AND ctp.TRUST_PURPOSE_ID = 1
)
SELECT count(*), x509_keyAlgorithm(c.CERTIFICATE), x509_keySize(c.CERTIFICATE), min(c.ID), max(c.ID)
FROM cas, certificate c
WHERE c.ISSUER_CA_ID = cas.CA_ID
AND coalesce(x509_notAfter(c.CERTIFICATE), 'infinity'::timestamp) >= now() AT TIME ZONE 'UTC'
GROUP BY x509_keyAlgorithm(c.CERTIFICATE), x509_keySize(c.CERTIFICATE)
ORDER BY count(*) DESC;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment