On the Validation of Web X.509 Certificates by TLS Interception Products

E-resources

PDF

Open access

On the Validation of Web X.509 Certificates by TLS Interception Products

Wazan, Ahmad Samer; Laborde, Romain; Chadwick, David W.; Venant, Remi; Benzekri, Abdelmalek; Billoir, Eddie; Alfandi, Omar

IEEE transactions on dependable and secure computing, 2022-Jan.-Feb.-1, 2022-1-1, 20220101, 2022-01-01, Volume: 19, Issue: 1

Journal Article

The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process <xref ref-type="bibr" rid="ref1">1 . This article extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards.

Keep searching

Author

Access to the JCR database is permitted only to users from Slovenia. Your current IP address is not on the list of IP addresses with access permission, and authentication with the relevant AAI accout is required.

Year	Impact factor		Edition		Category		Classification
Year	JCR	SNIP	JCR	SNIP	JCR	SNIP	JCR	SNIP

Links to authors' personal bibliographies	Links to information on researchers in the SICRIS system

Source: Personal bibliographies and: SICRIS

Upload image

Shelf entry

Adding material to shelf was successful.

Adding material to shelf failed.

It was not necessary to add the material to the shelf.

Permalink

E-mail

Impact factor

Select the library membership card:

DRS, in which the journal is indexed

Citations

Theme