Abstract
Many of today’s web-based services rely heavily on secure end-to-end connections. The “trust” that these services require builds upon TLS/SSL. Unfortunately, TLS/SSL is highly vulnerable to compromised Certificate Authorities (CAs) and the certificates they generate. Certificate Transparency (CT) provides a way to monitor and audit certificates and certificate chains, to help improve the overall network security. Using an open standard, anybody can setup CT logs, monitors, and auditors. CT is already used by Google’s Chrome browser for validation of Extended Validation (EV) certificates, Mozilla is drafting their own CT policies to be enforced, and public CT logs have proven valuable in identifying rogue certificates. In this paper we present the first large-scale characterization of the CT landscape. Our characterization uses both active and passive measurements and highlights similarities and differences in public CT logs, their usage, and the certificates they include. We also provide insights into how the certificates in these logs relate to the certificates and keys observed in regular web traffic.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
EV certificates were themselves introduced to address waning user trust.
- 2.
Technically, Google is also a CA. At the time of the measurements, no other production logs were known - only logs for testing purposes - although more production logs have appeared since. https://www.certificate-transparency.org/known-logs.
- 3.
- 4.
- 5.
- 6.
References
Akhawe, D., Amann, B., Vallentin, M., Sommer, R.: Here’s my cert, so trust me, maybe?: understanding TLS errors on the web. In: Proceeding of WWW (2013)
Amann, B., Sommer, R., Vallentin, M., Hall, S.: No attack necessary: the surprising dynamics of SSL trust relationships. In: Proceeding of ACSAC (2013)
Beurdouche, B., et al.: A messy state of the union: Taming the composite state machines of TLS. In: Proceeding of IEEE S&P (2015)
Barker, E., Barker, W., Burr, W.P.W., Smid, M.: Recommendation for key management, part 1: General (rev. 3). NIST Special. Publication 800–57 (2012)
Basin, D., Cremers, C., Kim, T.H.-J., Perrig, A., Sasse, R., Szalachowski, P.: Arpki: Attack resilient public-key infrastructure. In: Proceeding of ACM CCS (2014)
Chuat, L., Szalachowski, P., Perrig, A., Laurie, B., Messeri, E.: Efficient gossip protocols for verifying the consistency of certificate logs. In: Proceeding of IEEE CNS (2015)
Adrian, D., et al.: Imperfect forward secrecy: how Diffie-Hellman fails in practice. In: Proceeding of ACM CCS (2015)
Duncan, R.: How certificate revocation (doesn’t) work in practice (2013)
Durumeric, Z., Kasten, J., Bailey, M., Halderman, J.A.: Analysis of the HTTPS certificate ecosystem. In: Proceeding of IMC (2013)
Fadai, T., Schrittwieser, S., Kieseberg, P., Mulazzani, M.: Trust me, I’m a root CA! Analyzing SSL root CAs in modern browsers and operating systems. In: Proceeding of ARES (2015)
Hallam-Baker, P., Stradling, R.: RFC6844: DNS Certification Authority Authorization (CAA) Resource Record. IETF (2013)
Hoffman, P., Schlyter, J.: RFC6698: The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. IETF (2012)
Huang, L., Rice, A., Ellingsen, E., Jackson, C.: Analyzing forged SSL certificates in the wild. In: Proceeding of IEEE S&P (2014)
Kim, T.H.-J., Huang, L.-S., Perrig, A., Jackson, C., Gligor, V.: Accountable key infrastructure (AKI): A proposal for a public-key validation infrastructure. In: Proceeding of WWW (2013)
Laurie, B.: Improving the security of EV certificates (2015)
Laurie, B., Käsper, E.: Revocation transparency. Google Research, September 2012
Laurie, B., Langley, A., Käsper, E.: RFC6962: Certificate Transparency. IETF (2013)
Laurie, B., Langley, A., Käsper, E., Messeri, E., Stradling, R.: RFC6962-bis: Certificate Transparency draft-ietf-trans-rfc6962-bis-10. IETF (2015)
Melara, M., Blankstein, A., Bonneau, J., Felten, E., Freedman, M.: Coniks: Bringing key transparency to end users. In: Proceeding of USENIX Security (2015)
Merkle, R.: Merkle Tree Patent, US4309569A (1979)
Nordberg, L., Gillmor, D.K., Ritter, T.: Gossiping in CT. IETF (2015)
Ouvrier, G., Laterman, M., Arlitt, M., Carlsson, N.: Characterizing the HTTPS trust landscape: a passive view from the edge. Technical report (2016)
Sleevi, R.: Sustaining digital certificate security, Google Security Blog, 28 October 2015. https://security.googleblog.com/2015/10/sustaining-digital-certificate-security.html
Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: improving SSH-style host authentication with multi-path probing. In: Proceeding of USENIX ATC (2008)
Liu, Y., et al.: An end-to-end measurement of certificate revocation in the web’s PKI. In: Proceeding of IMC (2015)
Zhang, D., Gillmor, D.K., He, D., Sarikaya, B.: CT for Binary Codes. IETF (2015)
Acknowledgements
The authors are thankful to our shepherd Ralph Holz and the anonymous reviewers for their feedback. This work was funded in part by the Swedish Research Council (VR) and the Natural Sciences and Engineering Research Council (NSERC) of Canada.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Gustafsson, J., Overier, G., Arlitt, M., Carlsson, N. (2017). A First Look at the CT Landscape: Certificate Transparency Logs in Practice. In: Kaafar, M., Uhlig, S., Amann, J. (eds) Passive and Active Measurement. PAM 2017. Lecture Notes in Computer Science(), vol 10176. Springer, Cham. https://doi.org/10.1007/978-3-319-54328-4_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-54328-4_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54327-7
Online ISBN: 978-3-319-54328-4
eBook Packages: Computer ScienceComputer Science (R0)