Abstract | ||
---|---|---|
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process
<xref ref-type="bibr" rid="ref1" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">[1]</xref>
. This article extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards. |
Year | DOI | Venue |
---|---|---|
2022 | 10.1109/TDSC.2020.3000595 | IEEE Transactions on Dependable and Secure Computing |
Keywords | DocType | Volume |
Web PKI,X.509 certificate,certificate validation,OCSP stapling | Journal | 19 |
Issue | ISSN | Citations |
1 | 1545-5971 | 0 |
PageRank | References | Authors |
0.34 | 0 | 7 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ahmad Samer Wazan | 1 | 22 | 7.96 |
Romain Laborde | 2 | 162 | 28.88 |
David W. Chadwick | 3 | 799 | 80.70 |
Remi Venant | 4 | 0 | 0.34 |
Abdelmalek Benzekri | 5 | 77 | 21.73 |
Eddie Billoir | 6 | 0 | 0.34 |
Omar Alfandi | 7 | 0 | 0.34 |