Authors: Manuel Koschuch and Ronald Wagner

Affiliation: FH Campus Wien - University of Applied Science, Austria

ISBN: 978-989-758-042-0

Keyword(s): OCSP, CRL, X.509v3, Browser, Evaluation.

Related Ontology Subjects/Areas/Topics: Data Communication Networking ; Implementation and Experimental Test-Beds ; Network Applications (Web, Multimedia Streaming, Gaming, Etc.) ; Network Protocols ; Telecommunications

Abstract: X.509v3 certificates are the current standard for verifiably associating an entity with a public key, and are widely used in different networking applications: from HTTPS in browsers and SSH connections to e-mail, PDF and code signing. This wide usage also necessitates the existence of a robust, reliable way to detect and deal with compromised or otherwise invalid certificates. Certificate Revocation Lists (CRLs) and the Online Certificate Status Protocol (OCSP) are the two mechanisms currently deployed to handle revoked certificates. In this position paper we present preliminary results of our research into the practical use of these protocols, using an existing data-set to show that almost 85% of certificates currently in use contain no revocation information, and compare different browsers under different operating systems as to their dealing with unreachable OCSP servers. We find that browser behaviour in this case ranges from opening the site without any warnings whatsoever to totally blocking it, indicating no clear default reaction and no reliable behaviour.

Paper citation in several formats:
Koschuch M. and Wagner R. (2014). Papers, Please... - X.509 Certificate Revocation in Practice. In Proceedings of the 5th International Conference on Data Communication Networking - Volume 1: DCNET, (ICETE 2014) ISBN 978-989-758-042-0, pages 36-40. DOI: 10.5220/0005113800360040

@conference{dcnet14,
author={Manuel Koschuch and Ronald Wagner},
title={Papers, Please... - X.509 Certificate Revocation in Practice},
booktitle={Proceedings of the 5th International Conference on Data Communication Networking - Volume 1: DCNET, (ICETE 2014)},
year={2014},
pages={36-40},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005113800360040},
isbn={978-989-758-042-0},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Data Communication Networking - Volume 1: DCNET, (ICETE 2014)
TI - Papers, Please... - X.509 Certificate Revocation in Practice
SN - 978-989-758-042-0
AU - Koschuch M.
AU - Wagner R.
PY - 2014
SP - 36
EP - 40
DO - 10.5220/0005113800360040
