Measurement and Analysis of Automated Certificate Reissuance

Olamide Omolola*, Richard Roberts, Ishtiaq Ashiq, Taejoong Chung, Dave Levin, Alan Mislove

*Corresponding author for this work

Publication: Contribution to book/report/conference proceedings, conference contribution, peer-reviewed

Abstract

The Transport Layer Security (TLS) Public Key Infrastructure (PKI) is essential to the security and privacy of users on the Internet. Despite its importance, prior work from the mid-2010s has shown that mismanagement of the TLS PKI often led to weakened security guarantees, such as compromised certificates going unrevoked and many internet devices generating self-signed certificates. Many of these problems can be traced to manual processes that were the only option at the time. However, in the intervening years, the TLS PKI has undergone several changes: once-expensive TLS certificates are now freely available, and they can be obtained and reissued via automated programs.

In this paper, we examine whether these changes to the TLS PKI have led to improvements in the PKI’s management. We collect data on all certificates issued by Let’s Encrypt (now the largest certificate authority by far) over the past four years. Our analysis focuses on two key questions: First, are administrators making proper use of the automation that modern CAs provide for certificate reissuance? We find that for certificates with a sufficiently long history of being reissued, 80% of them did reissue their certificates on a predictable schedule, suggesting that the remaining 20% may use manual processes to reissue, despite numerous automated tools for doing so. Second, do administrators that use automated CAs react to large-scale compromises more responsibly? To answer this, we use a recent Let’s Encrypt misissuance bug as a natural experiment, and find that a significantly larger fraction of administrators reissued their certificates in a timely fashion compared to previous bugs.
Original language: English
Title: Passive and Active Measurement - 22nd International Conference, PAM 2021, Proceedings
Editors: Oliver Hohlfeld, Andra Lutu, Dave Levin
Publisher: Springer
Pages: 161-174
Number of pages: 14
ISBN (Print): 978-3-030-72581-5
DOIs
Publication status: Published - 2021
Published externally: Yes
Event: 2021 International Conference on Passive and Active Network Measurement: PAM 2021 - Virtual, Germany
Duration: 29 March 2021 to 31 March 2021

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 12671 LNCS
ISSN (Print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: 2021 International Conference on Passive and Active Network Measurement
Country/Territory: Germany
City: Virtual
Period: 29/03/21 to 31/03/21

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
