Hacker News new | ask | show | jobs
by morpheuskafka 10 days ago
You issued a certificate for North Korea's email infrastructure as recently as six days ago:

https://crt.sh/?id=26878583197 (06/04/2026 smtp.star-co.net.kp) https://crt.sh/?id=20256841119 (08/11/2025 *.star.net.kp)

Star Joint Venture is the manager of the .kp TLD and one of DPRK's two email providers (the other is silibank.net.kp) [1], used as the official email for various government bodies ex. ipa817@star-co.net.kp (IP Office), kscost@star-co.net.kp (Sci/Tech Commission), ksf@star-co.net.kp (Ministry of Culture and Sports), mhs-ip@star-co.net.kp (Atomic Energy). It is also widely used by those universities and companies that engage with the outside world.

How did you determine that issuing a certificate to this domain or any .kp domain was compliant with the general ban on exporting goods and services to DPRK?
1 comments
throwaway2037 9 days ago
This is incredible. How did you find these certs?
link
morpheuskafka 9 days ago
I only noticed the star net one (not sure if it’s even in use) when writing this. I noticed the Pyongyang Zoo (which shares an IP with the Architects Society—one on 443 and one on 80 lmao) first, just from flipping through their very small IP space on Shodan.

You can see them all on crt.sh, because LE has to upload them to a CT log for browsers to trust them. (That’s how most of those subdomain finder websites work too.) The email servers seem to have gotten certs from a for profit CA back in 2015, but I’m not sure if they ever used them. Most of their webspace seems to be HTTP only. (And it’s a good thing, because some of their Apache versions are potentially old enough to have Heartbleed.)

The architects website has some pretty cool PDF magazines btw. They also have several websites for their insurance company’s (perhaps some intl org needs them to have a website for listing)—that’s a core hard currency stream for them and they previously have been accused of submitting false losses.

link
qingcharles 9 days ago
Thank you. Had to go looking for these magazines.

http://www.koreanarchitecture.gov.kp/index.php?kt=TWFnYXppbm...

link