Name
Abstract | ||
|---|---|---|
We report the results of a large-scale measurement study of the HTTPS certificate ecosystem---the public-key infrastructure that underlies nearly all secure web communications. Using data collected by performing 110 Internet-wide scans over 14 months, we gain detailed and temporally fine-grained visibility into this otherwise opaque area of security-critical infrastructure. We investigate the trust relationships among root authorities, intermediate authorities, and the leaf certificates used by web servers, ultimately identifying and classifying more than 1,800 entities that are able to issue certificates vouching for the identity of any website. We uncover practices that may put the security of the ecosystem at risk, and we identify frequent configuration problems that lead to user-facing errors and potential vulnerabilities. We conclude with lessons and recommendations to ensure the long-term health and security of the certificate ecosystem. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2504730.2504755 | Internet Measurement Conference |
Keywords | Field | DocType |
certificate ecosystem,leaf certificate,web server,intermediate authority,long-term health,secure web communication,security-critical infrastructure,frequent configuration problem,public-key infrastructure,large-scale measurement study,measurement,ssl,public key infrastructure,https,tls,security,x 509 | Public key infrastructure,Internet privacy,Root certificate,X.509,Public key certificate,Computer science,Computer security,Computer network,Certificate authority,Hypertext Transfer Protocol over Secure Socket Layer,Certification Practice Statement,Certificate | Conference |
Citations | PageRank | References |
53 | 3.43 | 11 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Zakir Durumeric | 1 | 935 | 48.86 |
| James Kasten | 2 | 257 | 12.19 |
| Michael Bailey | 3 | 1335 | 78.22 |
| J. Alex Halderman | 4 | 2301 | 149.67 |