No attack necessary

Abstract: Much of the Internet's end-to-end security relies on the SSL/TLS protocol along with its underlying X.509 certificate infrastructure. However, the system remains quite brittle due to its liberal delegation of signing authority: a single compromised certification authority undermines trust globally. Several recent high-profile incidents have demonstrated this shortcoming convincingly. Over time, the security community has proposed a number of counter measures to increase the security of the certificate ecosyste… Show more

“…Given that trust anchors can issue intermediate CA certificates (and intermediates can be enabled to do the same), a site certificate is browser-acceptable if the browser can build a chain of certificates that lead to a trust anchor. One study found 20% of valid certificates required no intermediate and 38% used one [18].…”

“…Thus, current browsers fail open, accepting certificates for which revocation information cannot be located (browsers should downgrade all EV certificates to a regular certificate, or warn, as responsive revocation is an EV requirement). 18 In response to the failings of revocation, some browsers (e.g., Chrome) maintain an updatable certificate blacklist (see Section V-C).…”

“…While the mandatory expiration date field provides an eventual default form of revocation, many certificates are valid for multiple years (the median lifetime varies across measurements: 12 [86], 12-15 [54], or 24 [18] months).…”

“…Another refinement, DoubleCheck [17], probes from multiple servers in the existing Tor anonymity network (which cleanly eliminates the privacy threat notaries pose in terms of tracking). In addition to network devices, any collection of certificate data can additionally be consulted for an independent perspective (e.g., the SSL Observatory [39] or ICSI Notary [18]). Certificate Transparency (CT) [6] is a proposal for creating a central audit log of HTTPS certificates, which is verifiably append-only and maintained by independent monitors.…”

SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements

“…Given that trust anchors can issue intermediate CA certificates (and intermediates can be enabled to do the same), a site certificate is browser-acceptable if the browser can build a chain of certificates that lead to a trust anchor. One study found 20% of valid certificates required no intermediate and 38% used one [18].…”

“…Thus, current browsers fail open, accepting certificates for which revocation information cannot be located (browsers should downgrade all EV certificates to a regular certificate, or warn, as responsive revocation is an EV requirement). 18 In response to the failings of revocation, some browsers (e.g., Chrome) maintain an updatable certificate blacklist (see Section V-C).…”

“…While the mandatory expiration date field provides an eventual default form of revocation, many certificates are valid for multiple years (the median lifetime varies across measurements: 12 [86], 12-15 [54], or 24 [18] months).…”

“…Another refinement, DoubleCheck [17], probes from multiple servers in the existing Tor anonymity network (which cleanly eliminates the privacy threat notaries pose in terms of tracking). In addition to network devices, any collection of certificate data can additionally be consulted for an independent perspective (e.g., the SSL Observatory [39] or ICSI Notary [18]). Certificate Transparency (CT) [6] is a proposal for creating a central audit log of HTTPS certificates, which is verifiably append-only and maintained by independent monitors.…”

SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements

National Cyber Resilience and Roles for Public and Private Sector Stakeholders

Indicators of Malicious SSL Connections