On the Validation of Web X.509 Certificates by TLS interception products - Service IntEgration and netwoRk Administration Access content directly
Journal Articles IEEE Transactions on Dependable and Secure Computing Year : 2022

On the Validation of Web X.509 Certificates by TLS interception products

Abstract

The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1]. This paper extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards.
Fichier principal
Vignette du fichier
09110796.pdf (1.14 Mo) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02863329 , version 1 (10-06-2020)

Identifiers

Cite

Ahmad Samer Wazan, Romain Laborde, David Chadwick, Rémi Venant, Abdelmalek Benzekri, et al.. On the Validation of Web X.509 Certificates by TLS interception products. IEEE Transactions on Dependable and Secure Computing, 2022, 19 (1), pp.227 - 242. ⟨10.1109/TDSC.2020.3000595⟩. ⟨hal-02863329⟩
160 View
116 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More