{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T01:15:52Z","timestamp":1742951752134,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030121426"},{"type":"electronic","value":"9783030121433"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-12143-3_9","type":"book-chapter","created":{"date-parts":[[2019,1,25]],"date-time":"2019-01-25T00:34:45Z","timestamp":1548376485000},"page":"93-109","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["DSTC: DNS-Based Strict TLS Configurations"],"prefix":"10.1007","author":[{"given":"Eman Salem","family":"Alashwali","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pawel","family":"Szalachowski","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,1,25]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Adrian, D., et al.: Imperfect forward secrecy: how Diffie-Hellman fails in practice. In: Computer and Communications Security (CCS), pp. 5\u201317 (2015)","DOI":"10.1145\/2810103.2813707"},{"key":"9_CR2","first-page":"213","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Eman Salem Alashwali","year":"2018","unstructured":"Alashwali, E., Rasmussen, K.: On the feasibility of fine-grained TLS security configurations in web browsers based on the requested domain name. In: Security and Privacy in Communication Networks (SecureComm) (2018)"},{"key":"9_CR3","first-page":"468","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Eman Salem Alashwali","year":"2018","unstructured":"Alashwali, E., Rasmussen, K.: What\u2019s in a downgrade? A taxonomy of downgrade attacks in the TLS protocol and application protocols using TLS. In: Applications and Techniques in Cyber Security (ATCS) (2018)"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Amann, J., Gasser, O., Scheitle, Q., Brent, L., Carle, G., Holz, R.: Mission accomplished? HTTPS security after diginotar. In: Internet Measurement Conference (IMC), pp. 325\u2013340 (2017)","DOI":"10.1145\/3131365.3131401"},{"key":"9_CR5","unstructured":"AmazonWS: Alexa Top 1M Global Sites (2018). \n                    http:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip\n                    \n                  . Accessed 5 May 2018"},{"key":"9_CR6","unstructured":"Apache: Apache HTTP Server Project (2018). \n                    https:\/\/httpd.apache.org\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR7","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements (2005). \n                    https:\/\/tools.ietf.org\/html\/rfc4033\n                    \n                  . Accessed 6 July2018"},{"key":"9_CR8","unstructured":"Aviram, N., et al.: DROWN: breaking TLS using SSLv2. In: USENIX Security Symposium, pp. 689\u2013706 (2016)"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Beurdouche, B., et al.: A messy state of the union: taming the composite state machines of TLS. In: Security and Privacy (SP), pp. 535\u2013552 (2015)","DOI":"10.1109\/SP.2015.39"},{"key":"9_CR10","unstructured":"Beurdouche, B., Delignat-Lavaud, A., Kobeissi, N., Pironti, A., Bhargavan, K.: FLEXTLS a tool for testing TLS implementations. In: USENIX Workshop on Offensive Technologies (WOOT) (2014)"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Brzuska, C., Fournet, C., Green, M., Kohlweiss, M., Zanella-B\u00e9guelin, S.: Downgrade resilience in key-exchange protocols. In: Security and Privacy (SP), pp. 506\u2013525 (2016)","DOI":"10.1109\/SP.2016.37"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Leurent, G.: Transcript collision attacks: breaking authentication in TLS, IKE, and SSH. In: Network and Distributed System Security Symposium (NDSS) (2016)","DOI":"10.14722\/ndss.2016.23418"},{"key":"9_CR13","unstructured":"Dukhovni, V., Hardaker, W.: The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance (2015). \n                    https:\/\/tools.ietf.org\/html\/rfc7671\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR14","unstructured":"Hallam-Baker, P.: DNS Certification Authority Authorization (CAA) Resource Record (2013). \n                    https:\/\/tools.ietf.org\/html\/rfc6844\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR15","unstructured":"Internet Systems Consortium: Bind Open Source DNS Server (2018). \n                    https:\/\/www.isc.org\/downloads\/bind\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR16","doi-asserted-by":"publisher","DOI":"10.1201\/9781439821916","volume-title":"Handbook of Applied Cryptography","author":"AJ Menezes","year":"1996","unstructured":"Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)"},{"key":"9_CR17","unstructured":"Mockapetris, P.: Domain Names - Implementation and Specification (1987). \n                    https:\/\/tools.ietf.org\/html\/rfc1035\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR18","unstructured":"M\u00f6ller, B., Duong, T., Kotowicz, K.: This POODLE Bites: Exploiting the SSL 3.0 Fallback (2014). \n                    https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR19","unstructured":"Oracle: Virtualbox (2018). \n                    https:\/\/www.virtualbox.org\/wiki\/VirtualBox\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR20","unstructured":"Python: Python (2018). \n                    https:\/\/www.python.org\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR21","unstructured":"Python: ssl - TLS\/SSL Wrapper for Socket Objects (2018). \n                    https:\/\/docs.python.org\/3.6\/library\/ssl.html\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR22","unstructured":"Python: time-Time Access and Conversions (2018). \n                    https:\/\/docs.python.org\/3\/library\/time.html\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR23","unstructured":"rbsec: sslscan Tests SSL\/TLS Enabled Services to Discover Supported Cipher Suites (2018). \n                    https:\/\/github.com\/rbsec\/sslscan\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR24","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2 (2008). \n                    https:\/\/www.ietf.org\/rfc\/rfc5246.txt\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR25","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3 draft-ietf-tls-tls13-28 (2018). \n                    https:\/\/tools.ietf.org\/html\/draft-ietf-tls-tls13-28\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR26","unstructured":"Schechter, S.: Storing HTTP Security Requirements in the Domain Name System (2007). \n                    https:\/\/lists.w3.org\/Archives\/Public\/public-wsc-wg\/2007Apr\/att-0332\/http-ssr.html\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR27","unstructured":"Sullivan, N.: Padding Oracles and the Decline of CBC-mode Cipher Suites (2016). \n                    https:\/\/blog.cloudflare.com\/padding-oracles-and-the-decline-of-cbc-mode-ciphersuites\/\n                    \n                  . Accessed 6 July 2018"},{"key":"9_CR28","first-page":"155","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Gaurav Varshney","year":"2018","unstructured":"Varshney, G., Szalachowski, P.: A Metapolicy Framework for Enhancing Domain Expressiveness on the Internet. In: Security and Privacy in Communication Networks (SecureComm) (2018)"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Vaudenay, S.: Security Flaws Induced by CBC Padding-Applications to SSL, IPSEC, WTLS.... In: Theory and Applications of Cryptographic Techniques (2002)","DOI":"10.1007\/3-540-46035-7_35"},{"key":"9_CR30","unstructured":"Wagner, D., Schneier, B.: Analysis of the SSL 3.0 Protocol. In: USENIX Workshop on Electronic Commerce (EC), pp. 29\u201340 (1996)"}],"container-title":["Lecture Notes in Computer Science","Risks and Security of Internet and Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-12143-3_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T06:38:49Z","timestamp":1558334329000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-12143-3_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030121426","9783030121433"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-12143-3_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"25 January 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRiSIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Risks and Security of Internet and Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arcachon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 October 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 October 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crisis2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crisis2018.labri.fr\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}