Abstract
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data. It is based on X.509 Certificates. Our previous research showed that popular Web Browsers exhibit non-standardized behaviour with respect to the certificate validation process [1]. This article extends that work by examining their handling of OCSP Stapling. We also examine several popular HTTPS interception products, including proxies and anti-virus tools, regarding their certificate validation processes. We analyse and compare their behaviour to that described in the relative standards.
Author supplied keywords
Cite
CITATION STYLE
Wazan, A. S., Laborde, R., Chadwick, D. W., Venant, R., Benzekri, A., Billoir, E., & Alfandi, O. (2022). On the Validation of Web X.509 Certificates by TLS Interception Products. IEEE Transactions on Dependable and Secure Computing, 19(1). https://doi.org/10.1109/TDSC.2020.3000595
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
