liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Temporal Analysis of X.509 Revocations and their Statuses
Linköping University, Department of Computer and Information Science. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science. Linköping University, Faculty of Science & Engineering.
Univ Calgary, Canada.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.ORCID iD: 0000-0003-1367-1594
2022 (English)In: 7TH IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2022), IEEE , 2022, p. 258-265Conference paper, Published paper (Refereed)
Abstract [en]

Despite the X509 public key infrastructure (PKI) being essential for ensuring the trust we place in our communication with web servers, the revocation of the trust placed in individual X509 certificates is neither transparent nor well-studied, leaving many unanswered questions. In this paper, we present a temporal analysis of 36 million certificates, whose revocation statuses we followed for 120 days since first being issued. We characterize the revocation rates of different certificate authorities (CAs) and how the rates change over the lifetime of the certificates. We identify and discuss several instances where the status changes from "revoked" to "good", "unauthorized" or "unknown", respectively, before the certificates expiry. This complements prior work that has observed such inconsistencies in some CAs behavior after expiry but also highlight a potentially more severe problem. Our results highlight heterogeneous revocation practices among the CAs.

Place, publisher, year, edition, pages
IEEE , 2022. p. 258-265
National Category
Communication Studies
Identifiers
URN: urn:nbn:se:liu:diva-188795DOI: 10.1109/EuroSPW55150.2022.00032ISI: 000853211100025ISBN: 9781665495608 (electronic)OAI: oai:DiVA.org:liu-188795DiVA, id: diva2:1699266
Conference
7th IEEE European Symposium on Security and Privacy (IEEE EuroS and P), Genoa, ITALY, jun 06-10, 2022
Available from: 2022-09-27 Created: 2022-09-27 Last updated: 2022-09-27

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Search in DiVA

By author/editor
Abdel-Halim, AdamDanielsson, MaxCarlsson, Niklas
By organisation
Department of Computer and Information ScienceFaculty of Science & EngineeringDatabase and information techniques
Communication Studies

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 243 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf