Proceedings of the Internet Measurement Conference 2018 2018
DOI: 10.1145/3278532.3278543
|View full text |Cite
|
Sign up to set email alerts
|

Is the Web Ready for OCSP Must-Staple?

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
17
0

Year Published

2020
2020
2023
2023

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 35 publications
(22 citation statements)
references
References 21 publications
0
17
0
Order By: Relevance
“…Figure 1 shows the most common revocation mechanisms, which are briefly introduced in this section. [26][27][28]).…”
Section: Certificate Revocation Mechanismsmentioning
confidence: 99%
“…Figure 1 shows the most common revocation mechanisms, which are briefly introduced in this section. [26][27][28]).…”
Section: Certificate Revocation Mechanismsmentioning
confidence: 99%
“…While others [10] have suggested the potential for a DOS attack is not a fundamental problem as a CDN could distribute static revocation information, OCSP Must-Staple has also suffered other problems. These include CA inconsistencies and bugs in server implementations, both of which have slowed adoption [27], [28] shown by the fact that only 0.032% of live certificates use OCSP Must-Staple [29].…”
Section: Network-assisted Revocationmentioning
confidence: 99%
“…Chung et al [14] found in a recent study that 95.4% of all certificates support the Online Certificate Status Protocol (OCSP), which allows a client to query the responsible CA in real-time for a certificate's revocation status via HTTP. As such, the browsed website will be exposed to the CA in question.…”
Section: C6 Ocsp Respondersmentioning
confidence: 99%
“…From a privacystandpoint this could be solved if the server stapled a recently fetched OCSP response with the served certificate. Unfortunately, only 35% of Alexa's top-one-million uses OCSP stapling [14].…”
Section: C6 Ocsp Respondersmentioning
confidence: 99%