Article
On the Validation of Web X.509 Certificates by TLS interception products
IEEE Transactions on Dependable and Secure Computing
Document Type
Article
Publication Date
1-1-2020
Abstract
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1]. This paper extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards. Finally, we propose a system that allows the automation of certificate validation tests.
DOI Link
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Disciplines
Creative Commons License
Creative Commons Attribution 4.0 International
Indexed in Scopus
No
Open Access
Yes
Open Access Type
Hybrid: This publication is openly available in a subscription-based journal/series
https://doi.org/10.1109/tdsc.2020.3000595
Citation Information
Ahmad Samer Wazan, Romain Laborde, David Chadwick, Remi Venant, et al.. "On the Validation of Web X.509 Certificates by TLS interception products" IEEE Transactions on Dependable and Secure Computing Vol. PP (2020) ISSN: <p><a href="https://v2.sherpa.ac.uk/id/publication/issn/1545-5971" target="_blank">1545-5971</a></p> Available at: http://works.bepress.com/omar-alfandi/49/