000165676 001__ 165676
000165676 005__ 20190316235109.0
000165676 037__ $$aCONF
000165676 245__ $$aThe Inconvenient Truth about Web Certificates
000165676 269__ $$a2011
000165676 260__ $$c2011
000165676 336__ $$aConference Papers
000165676 520__ $$aHTTPS is the de facto standard for securing Internet communications. Although it is widely deployed, the security provided with HTTPS in practice is dubious. HTTPS may fail to provide security for multiple reasons, mostly due to certificate-based authentication failures. Given the importance of HTTPS, we investigate the current scale and practices of HTTPS and certificate-based deployment. We provide a large-scale empirical analysis that considers the top one million most popular websites. Our results show that very few websites implement certificate-based authentication properly. In most cases, domain mismatches between certificates and websites are observed. We study the economic, legal and social aspects of the problem. We identify causes and implications of the profit-oriented attitude of CAs and show how the current economic model leads to the distribution of cheap certificates for cheap security. Finally, we suggest possible changes to improve certificate-based authentication.
000165676 6531_ $$aNCCR-MICS ; NCCR-MICS/Secu ; MICS
000165676 700__ $$0242754$$aVratonjic, Nevena$$g173693
000165676 700__ $$0240437$$aFreudiger, Julien$$g137978
000165676 700__ $$aBindschaedler, Vincent
000165676 700__ $$0240456$$aHubaux, Jean-Pierre$$g105427
000165676 7112_ $$aThe Workshop on Economics of Information Security (WEIS)$$cFairfax, Virginia, USA$$dJune 14-15, 2011
000165676 8564_ $$s3505588$$uhttps://infoscience.epfl.ch/record/165676/files/WEIS11-NevenaVratonjic-final.pptx$$yWEIS'11 presentation slides$$zWEIS'11 presentation slides
000165676 8564_ $$s1883511$$uhttps://infoscience.epfl.ch/record/165676/files/WEIS11-Vratonjic.pdf$$yn/a$$zn/a
000165676 909C0 $$0252452$$pLCA1$$xU10426
000165676 909CO $$ooai:infoscience.tind.io:165676$$pconf$$pIC$$qGLOBAL_SET
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x139598
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 917Z8 $$x173693
000165676 937__ $$aEPFL-CONF-165676
000165676 973__ $$aEPFL$$rREVIEWED$$sPUBLISHED
000165676 980__ $$aCONF