X.509v3 Transport Layer Security (TLS) Feature Extension

Hallam-Baker, Phillip

doi:10.17487/rfc7633

Cited by 24 publications

(9 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, all the web browsers have introduced an additional approach for checking a PKC's status, called OCSP stapling [16][17][18]. In OCSP stapling, CAs issue certificates with this new extension, which requires the web server to send a cached OCSP response in the TLS handshake.…”

Section: ) Analysis Of the Resultsmentioning

confidence: 99%

TLS Connection Validation by Web Browsers: Why do Web Browsers Still Not Agree?

Wazan

Laborde²,

Chadwick³

et al. 2017

2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)

View full text Add to dashboard Cite

Abstract-The TLS protocol is the primary technology used for securing web transactions. It is based on X.509 certificates that are used for binding the identity of web servers' owners to their public keys. Web browsers perform the validation of X.509 certificates on behalf of web users. Our previous research in 2009 showed that the validation process of web browsers is inconsistent and flawed. We showed how this situation might have a negative impact on web users. From 2009 until now, many new X.509 related standards have been created or updated. In this paper, we performed an increased set of experiments over our 2009 study in order to highlight the improvements and/or regressions in web browsers' behaviours.

show abstract

Section: ) Analysis Of the Resultsmentioning

confidence: 99%

TLS Connection Validation by Web Browsers: Why do Web Browsers Still Not Agree?

Wazan

Laborde²,

Chadwick³

et al. 2017

2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)

View full text Add to dashboard Cite

show abstract

“…Moreover, HPKP is only effective after the first connection is established and for a limited amount of time. A number of other mechanisms, such as HSTS [31] and OCSP Must-Staple [28], suffer from the same problem. Besides, HSTS only enforces the use of HTTPS, while OCSP stapling only addresses the revocation problem; neither provides resilience against CA compromise.…”

Section: Lessons Learnedmentioning

confidence: 99%

F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure

Chuat¹,

Krähenbühl²,

Mittal³

et al. 2022

Proceedings 2022 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

We present F-PKI, an enhancement to the HTTPS public-key infrastructure (or web PKI) that gives trust flexibility to both clients and domain owners, and enables certification authorities (CAs) to enforce stronger security measures. In today's web PKI, all CAs are equally trusted, and security is defined by the weakest link. We address this problem by introducing trust flexibility in two dimensions: with F-PKI, each domain owner can define a domain policy (specifying, for example, which CAs are authorized to issue certificates for their domain name) and each client can set or choose a validation policy based on trust levels. F-PKI thus supports a property that is sorely needed in today's Internet: trust heterogeneity. Different parties can express different trust preferences while still being able to verify all certificates. In contrast, today's web PKI only allows clients to fully distrust suspicious/misbehaving CAs, which is likely to cause collateral damage in the form of legitimate certificates being rejected. Our contribution is to present a system that is backward compatible, provides sensible security properties to both clients and domain owners, ensures the verifiability of all certificates, and prevents downgrade attacks. Furthermore, F-PKI provides a ground for innovation, as it gives CAs an incentive to deploy new security measures to attract more customers, without having these measures undercut by vulnerable CAs.

show abstract

“…OCSP Must-Staple [25] was proposed in 2015 to remedy this issue. An X.509 certificate extension signals the browser to block the connection if the OCSP Staple is missing.…”

Section: Network-assisted Revocationmentioning

confidence: 99%

“…For CRLs and OCSP these requirements are highly variable depending on the usage of certificates by a given client, though average costs can be established for both of these strategies. For 7 While other revocation strategies also allow clients to adopt a hard-fail policy (such as OCSP Must-Staple [25] and RITM [8]), no other previously proposed strategy can do so without adding new entities in the PKI ecosystem or forcing relatively high numbers of servers to change their configurations and key management practices.…”

Section: A Efficiencymentioning

confidence: 99%

Let's Revoke: Scalable Global Certificate Revocation

Smith¹,

Dickenson²,

Seamons³

2020

Proceedings 2020 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Current revocation strategies have numerous issues that prevent their widespread adoption and use, including scalability, privacy, and new infrastructure requirements. Consequently, revocation is often ignored, leaving clients vulnerable to man-in-the-middle attacks. This paper presents Let's Revoke, a scalable global revocation strategy that addresses the concerns of current revocation checking. Let's Revoke introduces a new unique identifier to each certificate that serves as an index to a dynamically-sized bit vector containing revocation status information. The bit vector approach enables significantly more efficient revocation checking for both clients and certificate authorities. We compare Let's Revoke to existing revocation schemes and show that it requires less storage and network bandwidth than other systems, including those that cover only a fraction of the global certificate space. We further demonstrate through simulations that Let's Revoke scales linearly up to ten billion certificates, even during mass revocation events.

show abstract

X.509v3 Transport Layer Security (TLS) Feature Extension

Cited by 24 publications

References 5 publications

TLS Connection Validation by Web Browsers: Why do Web Browsers Still Not Agree?

TLS Connection Validation by Web Browsers: Why do Web Browsers Still Not Agree?

F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure

Let's Revoke: Scalable Global Certificate Revocation

Contact Info

Product

Resources

About