On the Validation of Web X.509 Certificates by TLS Interception Products

On the Validation of Web X.509 Certificates by TLS Interception Products

The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1] . This article extend...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on dependable and secure computing 2022-01, Vol.19 (1), p.227-242
Hauptverfasser: Wazan, Ahmad Samer, Laborde, Romain, Chadwick, David W., Venant, Remi, Benzekri, Abdelmalek, Billoir, Eddie, Alfandi, Omar
Format: Artikel
Sprache:eng
Schlagworte:
Browsers
certificate validation
Certificates
Computer Science
Cryptography and Security
Encryption
Interception
OCSP stapling
Protocols
Security
Web PKI
Web servers
X.509 certificate
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1] . This article extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2020.3000595