In this paper, we analyze the evolution of Certificate Transparency (CT) over time and explore the implications of exposing certificate DNS names from the perspective of security and privacy. We find that certificates in CT logs have seen exponential growth. Website support for CT has also constantly increased, with now a majority of established connections supporting CT. With the increasing deployment of CT, there are also concerns of information leakage due to all certificates being visible in CT logs. To understand this threat, we introduce a CT honeypot and show that data from CT logs is being used to identify targets for scanning campaigns only minutes after certificate issuance. We present and evaluate a methodology to learn and valid...
Security of Alerting Authorities in the WWW: Measuring Namespaces, DNSSEC, and Web PKI This reposit...
Much of the Internet’s end-to-end security relies on the SSL/TLS protocol along with its underlying ...
Abstract. The existing HTTPS public-key infrastructure (PKI) uses a coarse-grained trust model: eith...
Certificate transparency (CT) is a system that publishes all issued certificates so that they can be...
Many of today’s web-based services rely heavily on secure end-to-end connections. The “trust” that t...
Internet security and privacy stand on the trustworthiness of public certificates signed by Certific...
The security of the web improved greatly throughout the last couple of years. A large majority of th...
Security on the Internet is essential to ensure the privacy of an individual. Today, Trans- port Lay...
HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS,...
We report the results of a large-scale measurement study of the HTTPS certificate ecosystem—the publ...
Um Webserver-Zertifikate auditierbar zu machen, erweitert Certficate Transparency (CT) das TLS-Ökosy...
Certificate Transparency provides auditability to the widely used X.509 Public Key Infrastructure (P...
During disasters, crisis, and emergencies the public relies on online services provided by official ...
Certificate Transparency (CT) logs are append-only tamper-evident data structures that can be verifi...
Shaken by severe compromises, the Web’s Public Key Infrastructure has seen the addition of several s...
Security of Alerting Authorities in the WWW: Measuring Namespaces, DNSSEC, and Web PKI This reposit...
Much of the Internet’s end-to-end security relies on the SSL/TLS protocol along with its underlying ...
Abstract. The existing HTTPS public-key infrastructure (PKI) uses a coarse-grained trust model: eith...
Certificate transparency (CT) is a system that publishes all issued certificates so that they can be...
Many of today’s web-based services rely heavily on secure end-to-end connections. The “trust” that t...
Internet security and privacy stand on the trustworthiness of public certificates signed by Certific...
The security of the web improved greatly throughout the last couple of years. A large majority of th...
Security on the Internet is essential to ensure the privacy of an individual. Today, Trans- port Lay...
HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS,...
We report the results of a large-scale measurement study of the HTTPS certificate ecosystem—the publ...
Um Webserver-Zertifikate auditierbar zu machen, erweitert Certficate Transparency (CT) das TLS-Ökosy...
Certificate Transparency provides auditability to the widely used X.509 Public Key Infrastructure (P...
During disasters, crisis, and emergencies the public relies on online services provided by official ...
Certificate Transparency (CT) logs are append-only tamper-evident data structures that can be verifi...
Shaken by severe compromises, the Web’s Public Key Infrastructure has seen the addition of several s...
Security of Alerting Authorities in the WWW: Measuring Namespaces, DNSSEC, and Web PKI This reposit...
Much of the Internet’s end-to-end security relies on the SSL/TLS protocol along with its underlying ...
Abstract. The existing HTTPS public-key infrastructure (PKI) uses a coarse-grained trust model: eith...