-
Notifications
You must be signed in to change notification settings - Fork 79
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
`checkdmarc` will now validate Verified Mark Certificates (VMCs) and Common Mark Certificates (CMC), snd will verify that SHA256 hash of the logo embedded in the certificate matches the SHA256 hash logo at the URL at the BIMI `l` tag. Additionally, SVG and certificate metadata is now included in the `checkdmarc.bimi.parse_bimi_record()` API and JSON CLI output.
- Loading branch information
1 parent
bcd5ddc
commit f494267
Showing
3 changed files
with
100 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIF3jCCA8agAwIBAgIQBsFnz+v0jTXWJBAYXhHF6zANBgkqhkiG9w0BAQsFADCB | ||
| iDELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAV | ||
| BgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29t | ||
| MScwJQYDVQQDEx5EaWdpQ2VydCBWZXJpZmllZCBNYXJrIFJvb3QgQ0EwHhcNMTkw | ||
| OTIzMTIxMjA2WhcNNDkwOTIzMTIxMjA2WjCBiDELMAkGA1UEBhMCVVMxDTALBgNV | ||
| BAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMu | ||
| MRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMScwJQYDVQQDEx5EaWdpQ2VydCBW | ||
| ZXJpZmllZCBNYXJrIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK | ||
| AoICAQDawvvIO7cL04ptZxgLw/YwqDuluiFsMvGsr+vZcfq5c3hKuX0uMrslza91 | ||
| OFB6SPmbkG2hLErOcaVH0nMnG0RE3AM6dpfhw7qU+n3c6XPS7HlO9ZC57GJeaOXy | ||
| b0cmcK2G96WC/VRuB1ZgjqYoq6PP4yjn/DB/Pc+7kjwJ2EDH5BFEnywVq4rH1a+Q | ||
| AbVDpxJfCfQZV1VKW+JNtO/KKKX+NlPrtHroSgKiRZ019oWptImyfgpg7j6FNNAT | ||
| R8uPsvU5zYJyCDOxKv4MqllMJmUVwGUHF61WnbiZeJsxzb5H5wMpikX4mfdKaIm0 | ||
| ym2QsHVRazST1bIVvAZThcKPd2EnysQi6XpYpMcpiSRo58ENXZW47M/Ocu7mBCLP | ||
| TJEPEC9YG2aCfHxFSz/n6xZR+1rvNPUxcLZ+FNOwZRnHqcqe5TDNQewoC8/AWR0O | ||
| dKqu2WgBF40ncXmtm5QnYhlTmBcoPUWfR40bCLJsm4fV2B4hkC5ZCHV/91jpsv7j | ||
| hsGkpQpY6n9XWBABW6ZGQWM4jXxybbNmb3u21xx8rEkaIh22is08i41xeV9iLYec | ||
| Pup6npZnZbiKSOEFQ3WAwzi3TtABmRknOMybFJKSlJQXMfHqENfwKpNvMMRVO8Pl | ||
| J+Oh6AN8l75vZaFF27gqBhbmjJ2Y9ioqTI7g+Dg4qClUQqXPCQIDAQABo0IwQDAd | ||
| BgNVHQ4EFgQU7G8ipLME4sFjh+Z3Y+pGaU7u/OswDgYDVR0PAQH/BAQDAgGGMA8G | ||
| A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAC832YLVevVWINnr3vWC | ||
| XNvLPtmPOPLKO5cHupQpkcug+IOli2FAxnC8JDlbOT6hiMK7MYaurag9QvDI/As0 | ||
| 4cNOa+4sqKCxQR3aLEyyqeLA4WdA6UFIHdMSIzLHZylzjuwciI706x83Ib17DMKO | ||
| cpO2QVB7Beqv240TWxKxH21pFZsl44OgI+HcAPDbfJe3PEzwEZKNcKRkMWa/FFu2 | ||
| ckQxpTcfZABrarnuRLcSINiodSW7VfxctzegXWM4WmQeutPBOicceV3J4ZVkhthB | ||
| m784vES1DIuDTqT9/iqStBGN8eOGx9qKvjaXT8SdcrP58FpXrtm/xKgtILptxfVT | ||
| 042oogQfb2cNahKRSvs0xH3jyhO944t0zMH/bEpRdU36wR1/Fo56zXy2Zv4czMwg | ||
| 3Hg7mbAalJvcnBvH+NHPgucQI432XX11K29vz7HuNC7P9yKhxns+MbOQDMDPOhtS | ||
| LUpBmzRNG4+2BZJZyKGqYd+STHisEGYeYCi3MVrwSe2UqcDi9f2UAWVbkDE/YB6/ | ||
| e7+C7o6UWkXSU7dzR7FwFsfBHi6EqgIb2e9pINAxdvlc/3E19Ld/GJEtlw7nSdzp | ||
| 71eMp5Z48iY54fV2lM/rXogS1R4r3p2oPe9efG0XaJMd0v1gom5Da/khJA7+wjRB | ||
| 0wberd/tg3N0dJsSSznZjwYB | ||
| -----END CERTIFICATE----- | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIFpDCCA4ygAwIBAgIUdDkAvVsH/GPX6RUEUsibtwFoBGMwDQYJKoZIhvcNAQEN | ||
| BQAwajELMAkGA1UEBhMCVVMxFjAUBgNVBAoMDUVudHJ1c3QsIEluYy4xQzBBBgNV | ||
| BAMMOkVudHJ1c3QgVmVyaWZpZWQgTWFyayBSb290IENlcnRpZmljYXRpb24gQXV0 | ||
| aG9yaXR5IC0gVk1DUjEwHhcNMjEwNTA3MTMzMTQ4WhcNNDAxMjMwMTMzMTQ4WjBq | ||
| MQswCQYDVQQGEwJVUzEWMBQGA1UECgwNRW50cnVzdCwgSW5jLjFDMEEGA1UEAww6 | ||
| RW50cnVzdCBWZXJpZmllZCBNYXJrIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3Jp | ||
| dHkgLSBWTUNSMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL1S/GJt | ||
| w3EI3J6CcvhFRTpAZUWnTTgj/0n04xEBEZu4bVR8JlYFnadfTm+CLyUkLCU7Ipoq | ||
| Y0D6jDcD2skWuXnSsTeQtiFIDiGJH4c6QWmNXw1mZDlNhLse0q2sfXCxlAlfBr9M | ||
| c2KOrNUFk36Ld6VQEZOb/R1aU/GwbfN0A/8mDQSRoIHlFgWrtqYwORBF8MFqv4a2 | ||
| MvE858h6KaKaBy/8TVMuvuYZ32sa1yGHibAP8Kr0YaFHiK+iLJxnJccjyXjzfLMY | ||
| zQ9rt/UuAlHTIXsNJE+ZYo4O3unPMK25lHGenEVRWOZiIVm/Kl/JdxqxETZRDwCS | ||
| KiXlHcXHkFTtvOQRQ5qcR0p1MrgIUzrzVZSqIM9O92q/tOgsKyv+GoTchBVrn57N | ||
| q2EsarFP2zQqLlSC2Z1KTO+c2bjf90BbDL+mlxYycbRfHc5GZ9LXnxmilBSLz5m0 | ||
| MGq1uamqC5pkri7V2tDe+Mb3FQcD/yDhaTs7jL/ODv1dYv3OCQ9YzUZtgvWSqzi9 | ||
| rHt2yFotR+XM4BB8n3De1QKnFLZB7s469xRUUjFIJ07lOapBTuZWsarECtAWloW0 | ||
| uKr0+LLO2nNX3t92qbPcmEu9dI2Z7K94VLZ/ONhVuroPLlzJ36tTP4zLXo5GXaMY | ||
| UnosKa2jkMu4QfII9g8NkHYRmUBk26vnCS2JAgMBAAGjQjBAMB0GA1UdDgQWBBRz | ||
| I1Z7K3hFgJq4wnzMpYY5iyZ4xTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE | ||
| AwIBhjANBgkqhkiG9w0BAQ0FAAOCAgEASMtZ53rMG+bDGJbYCCucv9KzqgCL166R | ||
| V9Eq0zQOXITcfVpJmFeBLq/rMzXCOdWNTdPx6yNdeWk6OW5GullwzJhsutiHcryQ | ||
| acDRHEnMf0LodOy2TWLWWonsyctVHa2PtbcViWZ7opctUTmsK6JdMHCAOZHH64Nj | ||
| 0Vr0VAaLf/A/fF+ZlU1IbcU1Gi/FBJudrT7YD2ISmIukCv7hsdhAtg9TuOVkWKl0 | ||
| gfDadejTU4l5VlT58ofkxg5aAL2XPJf7ywKzgWlWgLpIZWMsn6+7dOiAq7GqsVKN | ||
| zEKTyAc3Hs42hpKtHvZFDGJ3mGVUNPNjEiH7OZ7q1gKB7eysWDcUp+IMLn+nukDo | ||
| JUb9H+TiF0i7Zo+roPyzv+fy2tJuioF9NkVGqqOrfTLxOo10gCM42ba4Mf6PkvC4 | ||
| FkkNb7q7OVi6nsO8pUNJ+PagwFyMLp0vqd4aDTUruey7tKz76SM1D6rN9WJFgZsp | ||
| Yj4dKCQPde32Jd9/Sk6G5lHmIbAqqNYLqPRBxByVSBg9+11jMi7e1kIkMQV3wndB | ||
| ntRKjHU8Hd0J/UcK8veLaRR2XECTx0I9I31Fis4Q0cSVz+4oXWGBuaREKEut10q2 | ||
| cAWvd1qUOjLlA4LsxKpVMvc+loyIy5s0+IfcqN4GHYjBKK+m+GWs/u2Q4BiKeVxw | ||
| gkWRxBsyYPA= | ||
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| # About resources | ||
|
|
||
| Currently, there only two Mark Verifying Athorities that issue Verified Mark Certificates (VMCs) for use with [BIMI standard](https://bimigroup.org/implementation-guide/): [DigiCert](https://www.digicert.com/tls-ssl/verified-mark-certificates) and [Entrust](https://store.entrust.com/default/vmc.html). | ||
| They provide their customers with certificate chains containing the intermedate certificate and VMC. The root certificates for these certificates are different than the root certificates used fpr browsers. | ||
|
|
||
| - [DigiCert root Certificates download page](https://www.digicert.com/kb/digicert-root-certificates.htm) | ||
| - [EnTrust root Certificates download page](https://www.entrust.com/knowledgebase/ssl/entrust-root-certificates) | ||
|
|
||
| ## Root certificates | ||
|
|
||
| DigiCert Verified Mark Root CA | ||
|
|
||
| ```text | ||
| Expires: 2024-09-23 | ||
| Seral number: 06:C1:67:CF:EB:F4:8D:35:D6:24:10:18:5E:11:C5:EB | ||
| SHA1 fingerprint: 74:E1:6E:32:AF:75:C6:CF:51:0A:26:FF:1F:C1:15:80:68:EA:92:3E | ||
| SHA256 fingerprint: 50:43:86:C9:EE:89:32:FE:CC:95:FA:DE:42:7F:69:C3:E2:53:4B:73:10:48:9E:30:0F:EE:44:8E:33:C4:6B:42 | ||
| ``` | ||
|
|
||
| [Download link](http://cacerts.digicert.com/DigiCertVerifiedMarkRootCA.crt.pem) | ||
|
|
||
| Entrust Verified Mark Root Certification Authority – VMCR1 | ||
|
|
||
| ```text | ||
| Expires: 2040-12-30 | ||
| Seral number: 743900bd5b07fc63d7e9150452c89bb701680463 | ||
| SHA1 fingerprint: 4A:04:D5:A6:28:0E:98:E6:5C:D4:7F:87:E8:EC:A6:4C:8B:4A:9A:43 | ||
| SHA256 fingerprint: 78:31:D9:5A:47:D4:25:08:CD:5C:9E:62:64:F9:09:6B:AC:19:F0:4E:B9:B7:C8:BD:D3:5F:FF:C7:1C:18:96:17 | ||
| ``` | ||
|
|
||
| [Download link](https://web.entrust.com/root-certificates/VMRC1.cer) | ||
|
|
||
| `VMACAs.pem` contains both of these certificates in order to verify VMCs. |
Empty file.