Internet X.509 Public Key Infrastructure -- Certificate Image

Rosenthol, Leonard; Santesson, Stefan; Bajaj, Siddharth; Housley, Russell

doi:10.17487/rfc6170

Cited by 3 publications

(1 citation statement)

References 2 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authentication process is deployed during SSL's handshake: At first, bank proves its identity by sending its DC, issued by a certificate authority (CA) like Verisign, to one client. Information in the certificate includes the issuer's name, certification validation period, version number, serial number, subject, etc [7]. This client then validates the certificate and provides his credential to the bank.…”

Section: A Online Authenticationmentioning

confidence: 99%

Online Banking Authentication Using Mobile Phones

Fang¹,

Zhan²

2010

2010 5th International Conference on Future Information Technology

View full text Add to dashboard Cite

Online banking authentication plays an important role in the field of online banking security. In past years, a number of methods, including password token, short message password, and USB token, have been developed for online banking authentication. In this paper, we introduce a new authentication protocol for online banking. Our approach enhances performance and robustness against various attacks by using mobile phones to store digital certificate for clients. We provide attack analysis to illustrate the strength of the protocol.

show abstract

Section: A Online Authenticationmentioning

confidence: 99%

Online Banking Authentication Using Mobile Phones

Fang¹,

Zhan²

2010

2010 5th International Conference on Future Information Technology

View full text Add to dashboard Cite

show abstract

A First Look at Brand Indicators for Message Identification (BIMI)

Yajima

Chiba²,

Yoneya³

et al. 2023

Passive and Active Measurement

View full text Add to dashboard Cite

As promising approaches to thwarting the damage caused by phishing emails, DNS-based email security mechanisms, such as the Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting & Conformance (DMARC) and DNS-based Authentication of Named Entities (DANE), have been proposed and widely adopted. Nevertheless, the number of victims of phishing emails continues to increase, suggesting that there should be a mechanism for supporting end-users in correctly distinguishing such emails from legitimate emails. To address this problem, the standardization of Brand Indicators for Message Identification (BIMI) is underway. BIMI is a mechanism that helps an email recipient visually distinguish between legitimate and phishing emails. With Google officially supporting BIMI in July 2021, the approach shows signs of spreading worldwide. With these backgrounds, we conduct an extensive measurement of the adoption of BIMI and its configuration. The results of our measurement study revealed that, as of November 2022, 3,538 out of the one million most popular domain names have a set BIMI record, whereas only 396 (11%) of the BIMI-enabled domain names had valid logo images and verified mark certificates. The study also revealed the existence of several misconfigurations in such logo images and certificates.

show abstract