research-article

Public Access

Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies

Authors:

Yaelle Goldschlag,

Kasra Torshizi,

Taejoong Chung,

Bruce M. Maggs,

Christo WilsonAuthors Info & Claims

CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security

Pages 1857 - 1870

https://doi.org/10.1145/3548606.3560594

Published: 07 November 2022 Publication History

Abstract

This paper proposes using a logic programming language to disentangle X.509 certificate validation policy from mechanism. Expressing validation policies in a logic programming language provides multiple benefits. First, policy and mechanism can be more independently written, augmented, and analyzed compared to the current practice of interweaving them within a C or C++ implementation. Once written, these policies can be easily shared and modified for use in different TLS clients. Further, logic programming allows us to determine when clients differ in their policies and use the power of imputation to automatically generate interesting certificates, e.g., a certificate that will be accepted by one browser but not by another.

We present a new framework called Hammurabi for expressing validation policies, and we demonstrate that we can express the complex policies of the Google Chrome and Mozilla Firefox web browsers in this framework. We confirm the fidelity of the Hammurabi policies by comparing the validation decisions they make with those made by the browsers themselves on over ten million certificate chains derived from Certificate Transparency logs, as well as 100K synthetic chains. We also use imputation to discover nine validation differences between the two browsers' policies. Finally, we demonstrate the feasibility of integrating Hammurabi into Firefox and the Go language in less than 100 lines of code each.

References

[1]

[n. d.]. Proper handling for wildcard certificates for all tlds. https://bugzilla.mozilla.org/ show_bug.cgi?id=1196364.

[2]

[n. d.]. Public Suffix List. https://publicsuffix.org/list/public_suffix_list.dat.

[3]

2002. CVE-2002-0862. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0862.

[4]

2003. CVE-2003--1229. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003--1229.

[5]

2005. CVE-2005-3170. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005--3170.

[6]

2008. CVE-2008--4989. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989.

[7]

2009. CVE-2009-2408. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009--2408.

[8]

2010. CVE-2010-1378. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1378.

[9]

2011. CVE-2011-0228. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0228.

[10]

2012. CVE-2012-3446. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3446.

[11]

2014. CVE-2014-0092. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092.

[12]

2015. Crlsets. The Chromium Projects. http://bit.ly/1JPsUeC.

[13]

2015. Issue 572734: Support for OCSP Must-staple. https://bugs.chromium.org/p/chromium/ issues/detail?id=572734.

[14]

2016. Feature request: OCSP Must Staple (RFC 7633). https://groups.google.com/a/chromium. org/g/security-dev/c/-pB8IFNu5tw.

[15]

2021. CVE-2021-3450. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450.

[16]

Serge Abiteboul, Richard Hull, and Victor Vianu. 1995. Foundations of Databases. Addison-Wesley Reading.

Digital Library

[17]

Jalal Al-Muhtadi, Anand Ranganathan, Roy Campbell, and M Dennis Mickunas. 2003. Cerberus: a context-aware security scheme for smart spaces. In Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003.(PerCom 2003). IEEE, 489--496.

[18]

Johanna Amann, Oliver Gasser, Quirin Scheitle, Lexi Brent, Georg Carle, and Ralph Holz. 2017. Mission Accomplished? HTTPS Security after DigiNotar. In Proceedings of the ACM Internet Measurement Conference (IMC).

[19]

Daniel An. 2018. Find out how you stack up to new industry benchmarks for mobile page speed. "Think with Google-Mobile, Data & Measurement" (2018).

[20]

Blake Anderson and David McGrew. 2019. TLS Beyond the Browser: Combining End Host and Network Data to Understand Application Behavior. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[21]

Thomas H. Austin, Jean Yang, Cormac Flanagan, and Armando Solar-Lezama. 2013. Faceted execution of policy-agnostic programs. In Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security. 15--26.

Digital Library

[22]

Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin R.B. Butler. 2014. Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale. In Proceedings of the ACM Internet Measurement Conference (IMC).

[23]

Aaron Bembenek, Michael Greenberg, and Stephen Chong. 2020. Formulog: Datalog for SMT-based static analysis. Proceedings of the ACM on Programming Languages 4, OOPSLA (2020), 1--31.

Digital Library

[24]

Karthikeyan Bhargavan, Bruno Blanchet, and Nadim Kobeissi. 2017. Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate. In Proceedings of the IEEE Symposium on Security and Privacy.

[25]

Karthikeyan Bhargavan, Barry Bond, Antoine Delignat-Lavaud, Cédric Fournet, Chris Haw- blitzel, Catalin Hritcu, Samin Ishtiaq, Markulf Kohlweiss, Rustan Leino, Jay Lorch, Kenji Maillard, Jinyang Pang, Bryan Parno, Jonathan Protzenko, Tahina Ramananandro, Ashay Rane, Aseem Rastogi, Nikhil Swamy, Laure Thompson, Peng Wang, Santiago Zanella-Beguelin, and Jean-Karim Zinzindohoué. 2017. Everest: Towards a Verified, Drop-In Replacement of HTTPS. In Summit on Advances in Programming Languages (SNAPL).

[26]

Timm Böttger, Felix Cuadrado, Gianni Antichi, Eder Leão Fernandes, Gareth Tyson, Ignacio Castro, and Steve Uhlig. 2019. An Empirical Study of the Cost of DNS-over-HTTPS. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[27]

Chad Brubaker, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, and Vitaly Shmatikov. 2014. Using Frankencerts for Automated Adversarial Testing of Certificate Validation In SSL/TLS Implementations. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[28]

CA/Browser Forum. 2016. Baseline Requirements: Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates. Version 1.4.1. https://cabforum.org/wp-content/ uploads/CA-Browser-Forum-BR-1.4.1-redlined.pdf

[29]

Frank Cangialosi, Taejoong Chung, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, and Christo Wilson. 2016. Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem. In Proceedings of ACM CCS.

Digital Library

[30]

CA:Symantec Issues [n. d.]. CA:Symantec Issues. https://wiki.mozilla.org/CA:Symantec_ Issues.

[31]

Certificate Transparency Enforcement in Google Chrome [n. d.]. Certificate Transparency Enforcement in Google Chrome. https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/wHILiYf31DE.

[32]

Sze Yiu Chau, Omar Chowdhury, Endadul Hoque, Huangyi Ge, Aniket Kate, Cristina Nita- Rotaru, and Ninghui Li. 2017. SymCerts: Practical Symbolic Execution For Exposing Noncom- pliance in X.509 Certificate Validation Implementations. In Proceedings of the IEEE Symposium on Security and Privacy.

[33]

Rishabh Chhabra, Paul Murley, Deepak Kumar, Michael Bailey, and Gang Wang. 2021. Mea- suring DNS-over-HTTPS Performance Around the World. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[34]

Chrome Root Program 2020. Chrome Root Program. The Chromium Projects. https: //www.chromium.org/Home/chromium-security/root-ca-policy/.

[35]

Laurent Chuat, AbdelRahman Abdou, Ralf Sasse, Christoph Sprenger, David Basin, and Adrian Perrig. 2020. SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust. In Proceedings of the IEEE European Symposium on Security and Privacy.

[36]

Taejoong Chung, Yabing Liu, Dave Choffnes, Dave Levin, Bruce Maggs, Alan Mislove, and Christo Wilson. 2016. Measuring and Applying Invalid SSL Certificates: The Silent Majority. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[37]

Catalin Cimpanu. 2020. Chrome will soon have its own dedicated certificate root store. https:// www.zdnet.com/article/chrome-will-soon-have-its-own-dedicated-certificate-root-store/.

[38]

Convergence [n. d.]. Convergence. http://convergence.io.

[39]

D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. 2008. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280. http://www.ietf.org/rfc/rfc5280.txt

[40]

Craig Costello, Cédric Fournet, Jon Howell, Markulf Kohlweiss, Benjamin Kreuter, Michael Naehrig, Bryan Parno, and Samee Zahur and. 2015. Geppetto: Versatile Verifiable Computation. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[41]

Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, and Thyla van der Merwe. 2017. A Comprehensive Symbolic Analysis of TLS 1.3.

[42]

Cas Cremers, Marko Horvat, Sam Scott, and Thyla van der Merwe. 2016. Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication. In Proceedings of the IEEE Symposium on Security and Privacy.

[43]

CRLite - CA/Browser Forum [n. d.]. CRLite - CA/Browser Forum. https://cabforum.org/wp-content/uploads/CABF_F2Fpreso_030518_vmf.pdf.

[44]

Nicodemos Damianou, Naranker Dulay, Emil Lupu, and Morris Sloman. 2001. The Ponder Policy Specification Language. In Proceedings of the International Workshop on Policies for Distributed Systems and Networks. Springer, 18--38.

Digital Library

[45]

Joyanta Debnath, Sze Yiu Chau, and Omar Chowdhury. 2021. On Re-engineering the X.509 PKI with Executable Specification for Better Implementation Guarantees. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 1388--1404.

Digital Library

[46]

Antoine Delignat-Lavaud, Cedric Fournet, Markulf Kohlweiss, and Bryan Parno. 2016. Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation. In Proceedings of the IEEE Symposium on Security and Privacy.

[47]

Antoine Delignat-Lavaud, Cedric Fournet, Markulf Kohlweiss, Jonathan Protzenko, Aseem Rastogi, Nikhil Swamy, Santiago Zanella-Beguelin, Karthikeyan Bhargavan, Jianyang Pan, and Jean Karim Zinzindohoue. 2017. Implementing and Proving the TLS 1.3 Record Layer. In Proceedings of the IEEE Symposium on Security and Privacy.

[48]

Distrust of the Symantec PKI: Immediate action needed by site operators [n. d.]. Distrust of the Symantec PKI: Immediate action needed by site operators. https://security.googleblog. com/2018/03/distrust-of-symantec-pki-immediate.html.

[49]

Zakir Durumeric, James Kasten, David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicolas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer, and Vern Paxson. 2014. The Matter Of Heartbleed. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[50]

Zakir Durumeric, James Kasten, Michael Bailey, and J. Alex Halderman. 2013. Analysis of the HTTPS Certificate Ecosystem. In Proceedings of the ACM Internet Measurement Conference (IMC).

[51]

EFF SSL Observatory [n. d.]. EFF SSL Observatory. https://www.eff.org/observatory.

[52]

Eslam Elnikety, Aastha Mehta, Anjo Vahldiek-Oberwagner, Deepak Garg, and Peter Druschel. 2016. Thoth: Comprehensive Policy Compliance in Data Retrieval Systems. In 25th USENIX Security Symposium (USENIX Security 16). 637--654.

[53]

Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben, and Matthew Smith. 2012. Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security. In Proceedings of ACM CCS. Raleigh, North Carolina, USA.

Digital Library

[54]

Sascha Fahl, Marian Harbach, Henning Perl, Markus Koetter, and Matthew Smith. 2013. Rethinking SSL Development in an Appified World. In Proceedings of ACM CCS. Berlin, Germany.

Digital Library

[55]

Alex Gaynor. 2014. Enabling certificate verification by default for stdlib http clients. PEP 476. https://peps.python.org/pep-0476

[56]

Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, and Vitaly Shmatikov. 2012. The Most Dangerous Code In The World: Validating SSL Certificates In Non-browser Software. In Proceedings of ACM CCS.

Digital Library

[57]

Mark Goodwin. 2015. Revoking Intermediate Certificates: Introducing OneCRL. Mozilla Security Blog. http://mzl.la/1zLFp7M.

[58]

Peter Gutmann. 2000. X.509 Style Guide.

[59]

P. Hallam-Baker. 2015. X.509v3 Transport Layer Security (TLS) Feature Extension. RFC 7633. http://www.ietf.org/rfc/rfc7633.txt

[60]

P. Hoffman and J. Schlyter. 2012. The DNS-based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. RFC 6698. https://www.ietf.org/rfc/rfc6962.txt

[61]

Ralph Holz, Johanna Amann, Olivier Mehani, Matthias Wachs, and Mohamed Ali Kaafar. 2016. TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication. In Proceedings of NDSS.

[62]

Ralph Holz, Lothar Braun, Nils Kammenhuber, and Georg Carle. 2011. The SSL Landscape -- a Thorough Analysis of the X.509 PKI Using Active and Passive Measurements. In Proceedings of the ACM Internet Measurement Conference (IMC).

[63]

Ralph Holz, Jens Hiller, Johanna Amann, Abbas Razaghpanah, Thomas Jost, Narseo Vallina- Rodriguez, and Oliver Hohlfeld. 2020. Tracking the Deployment of TLS 1.3 on the Web: A Story of Experimentation and Centralization. SIGCOMM Comput. Commun. Rev. 50, 3 (July 2020), 3-15.

Digital Library

[64]

Lin-Shung Huang, Alex Rice, Erling Ellingsen, and Collin Jackson. 2014. Analyzing Forged SSL Certificates In The Wild. In Proceedings of the IEEE Symposium on Security and Privacy. San Jose, California, USA.

Digital Library

[65]

Ian Haken. [n. d.]. BetterTLS. https://netflixtechblog.com/bettertls-c9915cd255c0.

[66]

International Telecommunications Union. 1988. ITU-T Recommendation X.509: The Directory: Authentication Framework. Technical Report X.509.

[67]

Trevor Jim. 2000. SD3: A Trust Management System with Certified Evaluation. In Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001. IEEE, 106--115.

[68]

Joe St Sauver. [n. d.]. How Many "Parts" (or "Labels") Does A Domain Name Typically Have? https://www.farsightsecurity.com/blog/txt-record/rrlabel-20171013/.

[69]

Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perrig, Collin Jackson, and Virgil Gligor. 2013. Accountable Key Infrastructure (AKI): A Proposal for a Public-key Validation Infrastructure. In Proceedings of WWW.

[70]

William A Kornfeld. 1983. Equality for Prolog. In IJCAI, Vol. 83. 514--519.

[71]

Platon Kotzias, Abbas Razaghpanah, Johanna Amann, Kenneth G. Paterson, Narseo Vallina- Rodriguez, and Juan Caballero. 2018. Coming of Age: A Longitudinal Study of TLS Deployment. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[72]

Robert Krahn, Bohdan Trach, Anjo Vahldiek-Oberwagner, Thomas Knauth, Pramod Bhatotia, and Christof Fetzer. 2018. Pesos: Policy Enhanced Secure Object Store. In Proceedings of the Thirteenth EuroSys Conference. 1--17.

Digital Library

[73]

Deepak Kumar, Zhengping Wang, Matthew Hyder, Joseph Dickinson, Gabrielle Beck, David Adrian, Joshua Mason, Zakir Durumeric, J. Alex Halderman, and Michael Bailey. 2018. Tracking Certificate Misissuance in the Wild. In Proceedings of the IEEE Symposium on Security and Privacy.

[74]

Butler W. Lampson and Howard E. Sturgis. 1976. Reflections on an Operating System Design. Commun. ACM 19, 5 (1976), 251--265.

Digital Library

[75]

Adam Langley. 2012. Revocation Checking and Chrome's CRL. https://www.imperialviolet. org/2012/02/05/crlsets.html.

[76]

James Larisch, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, and Christo Wilson. 2017. CRLite: A Scalable System for Pushing all TLS Revocations to All Browsers. In Proceedings of the IEEE Symposium on Security and Privacy.

[77]

Ben Laurie, Adam Langley, and Emilia Kasper. 2013. Certificate Transparency. RFC 6962. https://www.ietf.org/rfc/rfc6962.txt

[78]

Taeho Lee, Christos Pappas, Pawel Szalachowski, and Adrian Perrig. 2018. Towards Sustainable Evolution for the TLS Public-Key Infrastructure. In Proceedings of AsiaCCS.

Digital Library

[79]

Roy Levin, Ellis Cohen, William Corwin, Fred Pollack, and William Wulf. 1975. Policy/Mechanism Separation in Hydra. In Proceedings of the Fifth ACM symposium on Operating Systems Principles. 132--140.

Digital Library

[80]

Jinjin Liang, Jian Jiang, Haixin Duan, Kang Li, Tao Wan, and Jianping Wu. 2014. When HTTPS Meets CDN: A Case of Authentication in Delegated Service. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[81]

Yabing Liu, Will Tome, Liang Zhang, David Choffnes, Dave Levin, Bruce Maggs, Alan Mislove, Aaron Schulman, and Christo Wilson. 2015. An End-to-end Measurement of Certificate Revocation in the Web's PKI. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[82]

Steve Lloyd. 2002. Understanding Certification Path Construction. In PKI Forum White Paper. http://www.oasis-pki.org/pdfs/Understanding_Path_construction-DS2.pdf.

[83]

Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, and Jianping Wu. 2019. An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[84]

Zane Ma, James Austgen, Joshua Mason, Zakir Durumeric, and Michael Bailey. 2021. Tracing Your Roots: Exploring the TLS Trust Anchor Ecosystem. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[85]

Stephanos Matsumoto, Pawel Szalachowski, and Adrian Perrig. 2015. Deployment Challenges in Log-based PKI Enhancements. In European Workshop on Systems Security. Bordeaux, France.

[86]

Misissued/Suspicious Symantec Certificates [n. d.]. Misissued/Suspicious Symantec Certifi- cates. https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/fyJ3EK2YOP8/ yvjS5leYCAAJ.

[87]

Leonardo de Moura and Nikolaj Bjørner. 2008. Z3: An efficient SMT solver. In International conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, 337--340.

[88]

Mozilla CA Recommendations 2017. CA/Required or Recommended Practices. Mozilla Wiki. https://wiki.allizom.org/CA/Required_or_Recommended_Practices.

[89]

Mozilla Root Store Policy 2022. Mozilla Root Store Policy. Mozilla. https://www.mozilla.org/en- US/about/governance/policies/security-group/certs/policy/.

[90]

Mozilla Root Store Policy Archive [n. d.]. Mozilla Root Store Policy Archive. https://wiki. mozilla.org/CA/Root_Store_Policy_Archive.

[91]

David Naylor, Alessandro Finamore, Ilias Leontiadis, Yan Grunenberger, Marco Mellia, Maurizio Munafò, Konstantina Papagiannaki, and Peter Steenkiste. 2014. The Cost of the ?S" in HTTPS. In Proceedings of ACM CoNEXT.

Digital Library

[92]

Xinming Ou, Sudhakar Govindavajhala, Andrew W. Appel, et al. 2005. MulVAL: A Logic-based Network Security Analyzer. In Proceedings of the USENIX Security Symposium. Baltimore, MD, 113--128.

[93]

Muhammad Talha Paracha, Daniel J. Dubois, Narseo Vallina-Rodriguez, and David Choffnes. 2021. IoTLS: Understanding TLS Usage in Consumer IoT Devices. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[94]

Henning Perl, Sascha Fahl, and Matthew Smith. 2014. You Won't Be Needing These Any More: On Removing Unused Certificates From Trust Stores. In Financial Cryptography and Data Security.

[95]

Matthew Prince. 2018. Encrypting SNI: Fixing One of the Core Internet Bugs. https: //blog.cloudflare.com/esni/.

[96]

Tahina Ramananandro, Antoine Delignat-Lavaud, Cédric Fournet, Nikhil Swamy, Tej C hajed, Nadim Kobeissi, and Jonathan Protzenko. 2019. EverParse: Verified Secure Zero-Copy Parsers for Authenticated Message Formats. In Proceedings of the USENIX Security Symposium.

[97]

Abbas Razaghpanah, Arian Akhavan Niaki, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Johanna Amann, and Phillipa Gill. 2017. Studying TLS Usage in Android Apps. In Proceedings of ACM CoNEXT.

Digital Library

[98]

Reducing TLS Certificate Lifespans to 398 Days 2020. Reducing TLS Certificate Lifespans to 398 Days. https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to- 398-days/.

[99]

Ivan Ristic. 2013. Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications (2 ed.). Feisty Duck. 97 pages.

[100]

Rusticata DER Parser [n. d.]. Rusticata DER Parser. https://github.com/rusticata/der-parser.

[101]

Rusticata X.509 Parser [n. d.]. Rusticata X.509 Parser. https://github.com/rusticata/x509-parser.

[102]

Mark Dermot Ryan. 2014. Enhanced Certificate Transparency and End-to-end Encrypted Mail. In Proceedings of NDSS. San Diego, California, USA.

[103]

Peter Saint-Andre and Jeff Hodges. 2011. Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS). RFC 6125. https://doi.org/10. 17487/RFC6125

[104]

Quirin Scheitle, Taejoong Chung, Jens Hiller, Oliver Gasser, Johannes Naab, Roland van Rijswijk-Deij, Oliver Hohlfeld, Ralph Holz, Dave Choffnes, Alan Mislove, and Georg Carle. 2018. A First Look at Certification Authority Authorization (CAA). ACM Computer Communication Review 48, 2 (April 2018).

Digital Library

[105]

Quirin Scheitle, Oliver Gasser, Theodor Nolte, Johanna Amann, Lexi Brent, Georg Carle, Ralph Holz, Thomas C. Schmidt, and Matthias Wählisch. 2018. The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem. In Proceedings of the ACM Internet Measurement Conference (IMC) (Boston, MA, USA).

Digital Library

[106]

Aaron Schulman, Dave Levin, and Neil Spring. 2014. RevCast: Fast, Private Certificate Revocation Over FM Radio. In Proceedings of ACM CCS.

Digital Library

[107]

Sudheesh Singanamalla, Esther Han Beol Jang, Richard Anderson, Tadayoshi Kohno, and Kurtis Heimerl. 2020. Accept the Risk and Continue: Measuring the Long Tail of Government https Adoption. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[108]

Ryan Sleevi. 2020. Path Building vs Path Verifying: The Chain of Pain. Medium. https:// medium.com/@sleevi_/path-building-vs-path-verifying-the-chain-of-pain-9fbab861d7d6.

[109]

Juraj Somorovsky. 2016. Systematic Fuzzing and Testing of TLS Libraries. In Proceedings of ACM CCS.

Digital Library

[110]

Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, Dave Andersen, and Jay Lepreau. 1999. The Flask Security Architecture: System Support for Diverse Security Policies. In 8th USENIX Security Symposium (USENIX Security 99).

[111]

Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson, and Dan Boneh. 2012. The Case for Prefetching and Prevalidating TLS Server Certificates. In Proceedings of NDSS. San Diego, California, USA.

[112]

Samuel Steffen, Benjamin Bichsel, Mario Gersbach, Noa Melchior, Petar Tsankov, and Martin Vechev. 2019. zkay: Specifying and Enforcing Data Privacy in Smart Contracts. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 1759--1776.

Digital Library

[113]

Nick Sullivan. 2017. High-reliability OCSP stapling and why it matters. CloudFlare. https: //blog.cloudflare.com/high-reliability-ocsp-stapling/.

[114]

Pawel Szalachowski, Stephanos Matsumoto, and Adrian Perrig. 2014. PoliCert: Secure and Flexible TLS Certificate Management.

[115]

Emin Topalovic, Brennan Saeta, Lin-Shung Huang, Collin Jackson, and Dan Boneh. 2012. Towards Short-lived Certificates. In IEEE Web 2.0 Security and Privacy.

[116]

Markus Triska. 2012. The Finite Domain Constraint Solver of SWI-Prolog. In FLOPS (LNCS, Vol. 7294). 307--316.

Digital Library

[117]

Jeffrey D. Ullman. 1988. Principles of Database and Knowledge-Base Systems.

[118]

Anjo Vahldiek-Oberwagner, Eslam Elnikety, Aastha Mehta, Deepak Garg, Peter Druschel, Rodrigo Rodrigues, Johannes Gehrke, and Ansley Post. 2015. Guardat: Enforcing data policies at the storage layer. In Proceedings of the Tenth European Conference on Computer Systems. 1--16.

Digital Library

[119]

Narseo Vallina-Rodriguez, Johanna Amann, Christian Kreibich, Nicholas Weaver, and Vern Paxson. 2014. A Tangled Mass: The Android Root Certificate Stores. In Proceedings of ACM CoNEXT.

Digital Library

[120]

Benjamin VanderSloot, Johanna Amann, Matthew Bernhard, Zakir Durumeric, Michael Bailey, and J. Alex Halderman. 2016. Towards a Complete View of the Certificate Ecosystem. In Proceedings of the ACM Internet Measurement Conference (IMC).

[121]

Frank Wang, Ronny Ko, and James Mickens. 2019. Riverbed: Enforcing User-defined Privacy Constraints in Distributed Web Services. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19). 615--630.

[122]

Jan Wielemaker, Tom Schrijvers, Markus Triska, and Torbjörn Lager. 2012. SWI-Prolog. Theory and Practice of Logic Programming - Prolog Systems archive 12, 1 (2012), 67--96.

[123]

Jean Yang, Travis Hance, Thomas H. Austin, Armando Solar-Lezama, Cormac Flanagan, and Stephen Chong. 2016. Precise, Dynamic Information Flow for Database-Backed Applications. ACM SIGPLAN Notices 51, 6 (2016), 631--647.

Digital Library

[124]

Jean Yang, Kuat Yessenov, and Armando Solar-Lezama. 2012. A Language for Automatically Enforcing Privacy Policies. ACM SIGPLAN Notices 47, 1 (2012), 85--96.

Digital Library

[125]

Jane Yen, Ramesh Govindan, and Barath Raghavan. 2021. Tools for Disambiguating RFCs. In Proceedings of the Applied Networking Research Workshop. 85--91.

Digital Library

[126]

Scott Yilek, Eric Rescorla, Hovav Shacham, Brandon Enright, and Stefan Savage. 2009. When Private Keys are Public: Results from the 2008 Debian OpenSSL Vulnerability. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[127]

Liang Zhang, David Choffnes, Tudor Dumitras, Dave Levin, Alan Mislove, Aaron Schulman, and Christo Wilson. 2014. Analysis of SSL Certificate Reissues and Revocations in the Wake of Heartbleed. In Proceedings of the ACM Internet Measurement Conference (IMC).

Digital Library

[128]

Liang Zhu, Johanna Amann, and John Heidemann. 2016. Measuring the Latency and Pervasiveness of TLS Certificate Revocation. In Proceedings of PAM.

[129]

ZLint [n. d.]. ZLint. https://github.com/zmap/zlint

Cited By

Debnath JJenkins CSun YChau SChowdhury O(2024)ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00220(1462-1480)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00220
Berbecaru DSisinni SSimone M(2024)On the evaluation of X.509 certificate processing in Transport Layer Security interceptors2024 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC61673.2024.10733685(1-6)Online publication date: 26-Jun-2024
https://doi.org/10.1109/ISCC61673.2024.10733685
Cerenius DKaller MBruhner CArlitt MCarlsson N(2024)Trust Issue(r)s: Certificate Revocation and Replacement Practices in the WildPassive and Active Measurement10.1007/978-3-031-56252-5_14(293-321)Online publication date: 11-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-56252-5_14
Show More Cited By

Index Terms

Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies
1. Security and privacy
  1. Formal methods and theory of security
    1. Logic and verification
  2. Network security
    1. Web protocol security

Recommendations

CA trust management for the Web PKI

The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they ...
Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

HTTPS secures communications in the web and heavily relies on the Web PKI for authentication. In the Web PKI, Certificate Authorities (CAs) are organizations that provide trust and issue digital certificates. Web clients rely on public root stores ...
Measuring and Applying Invalid SSL Certificates: The Silent Majority
IMC '16: Proceedings of the 2016 Internet Measurement Conference

SSL and TLS are used to secure the most commonly used Internet protocols. As a result, the ecosystem of SSL certificates has been thoroughly studied, leading to a broad understanding of the strengths and weaknesses of the certificates accepted by most ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security

November 2022

3598 pages

ISBN:9781450394505

DOI:10.1145/3548606

General Chairs:
Heng Yin
University of California, Riverside
,
Angelos Stavrou
Virginia Tech
,
Program Chairs:
Cas Cremers
CISPA Helmholtz Center for Information Security
,
Elaine Shi
Carnegie Mellon University

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 November 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF (National Science Foundation)

Conference

CCS '22

Sponsor:

SIGSAC

CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security

November 7 - 11, 2022

CA, Los Angeles, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
895
Total Downloads

Downloads (Last 12 months)633
Downloads (Last 6 weeks)50

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Debnath JJenkins CSun YChau SChowdhury O(2024)ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00220(1462-1480)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00220
Berbecaru DSisinni SSimone M(2024)On the evaluation of X.509 certificate processing in Transport Layer Security interceptors2024 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC61673.2024.10733685(1-6)Online publication date: 26-Jun-2024
https://doi.org/10.1109/ISCC61673.2024.10733685
Cerenius DKaller MBruhner CArlitt MCarlsson N(2024)Trust Issue(r)s: Certificate Revocation and Replacement Practices in the WildPassive and Active Measurement10.1007/978-3-031-56252-5_14(293-321)Online publication date: 11-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-56252-5_14
Luo MFeng BLu LKirda ERen K(2023)On the Complexity of the Web’s PKI: Evaluating Certificate Validation of Mobile BrowsersIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.325586921:1(419-433)Online publication date: 13-Mar-2023
https://dl.acm.org/doi/10.1109/TDSC.2023.3255869
Liang JSadiq MYang GCheng D(2023)BAC-CRLJournal of Network and Computer Applications10.1016/j.jnca.2023.103716218:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.jnca.2023.103716

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents