{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,25]],"date-time":"2025-10-25T14:23:28Z","timestamp":1761402208680,"version":"3.40.3"},"publisher-location":"Cham","reference-count":57,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030927073"},{"type":"electronic","value":"9783030927080"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-92708-0_2","type":"book-chapter","created":{"date-parts":[[2022,1,3]],"date-time":"2022-01-03T23:02:43Z","timestamp":1641250963000},"page":"17-37","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Re-Check Your Certificates! Experiences and\u00a0Lessons Learnt from\u00a0Real-World HTTPS Certificate Deployments"],"prefix":"10.1007","author":[{"given":"Wenya","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yakang","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chao","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuan","family":"Yan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juanru","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dawu","family":"Gu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,1,4]]},"reference":[{"key":"2_CR1","unstructured":"Usage statistics of Default protocol https for websites. https:\/\/w3techs.com\/technologies\/details\/ce-httpsdefault"},{"key":"2_CR2","unstructured":"The mozilla observatory. https:\/\/observatory.mozilla.org\/"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Acer, M.E., et al.: Where the wild warnings are: root causes of chrome https certificate errors. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 2017, pp. 1407\u20131420 (2017)","DOI":"10.1145\/3133956.3134007"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Kumar, D., et al.: Tracking certificate misissuance in the wild. In: IEEE Symposium on Security and Privacy (SP). IEEE 2018, pp. 785\u2013798 (2018)","DOI":"10.1109\/SP.2018.00015"},{"key":"2_CR5","doi-asserted-by":"crossref","unstructured":"Schwittmann, L., Wander, M., Weis, T.: Domain impersonation is feasible: a study of ca domain validation vulnerabilities. In: IEEE European Symposium on Security and Privacy (EuroS&P). IEEE 2019, pp. 544\u2013559 (2019)","DOI":"10.1109\/EuroSP.2019.00046"},{"key":"2_CR6","doi-asserted-by":"crossref","unstructured":"Singanamalla, S., Jang, E.H.B., Anderson, R., Kohno, T., Heimerl, K.: Accept the risk and continue: measuring the long tail of government https adoption. In: Proceedings of the ACM Internet Measurement Conference 2020, pp. 577\u2013597 (2020)","DOI":"10.1145\/3419394.3423645"},{"key":"2_CR7","doi-asserted-by":"crossref","unstructured":"Ukrop, M., Kraus, L., Matyas, V., Wahsheh, H.A.M.: Will you trust this TLS certificate? Perceptions of people working in it. In: Proceedings of the 35th Annual Computer Security Applications Conference, 2019, pp. 718\u2013731 (2019)","DOI":"10.1145\/3359789.3359800"},{"key":"2_CR8","unstructured":"Ssl pulse. https:\/\/www.ssllabs.com\/ssl-pulse\/"},{"key":"2_CR9","unstructured":"All trusted web PKI certificate authority certificates known to Mozilla will be cached locally. https:\/\/lwn.net\/Articles\/817182\/"},{"key":"2_CR10","unstructured":"Intermediate ca caching could be used to fingerprint firefox users. https:\/\/threatpost.com\/intermediate-ca-caching-could-be-used-to-fingerprint-firefox-users\/123834\/"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Aas, J., et al.: Let\u2019s encrypt: an automated certificate authority to encrypt the entire web. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security 2019, pp. 2473\u20132487 (2019)","DOI":"10.1145\/3319535.3363192"},{"key":"2_CR12","unstructured":"2020 ISRG annual report. https:\/\/www.abetterinternet.org\/documents\/2020-ISRG-Annual-Report.pdf"},{"key":"2_CR13","unstructured":"Instagram forgets to renew its SSL certificate. https:\/\/news.netcraft.com\/archives\/2015\/04\/30\/instagram-forgets-to-renew-its-ssl-certificate.html"},{"key":"2_CR14","unstructured":"EV UI Moving to Page Info. https:\/\/chromium.googlesource.com\/chromium\/src\/+\/HEAD\/docs\/security\/ev-to-page-info.md"},{"key":"2_CR15","unstructured":"Improved security and privacy indicators in firefox 70. https:\/\/blog.mozilla.org\/security\/2019\/10\/15\/improved-security-and-privacy-indicators-in-firefox-70\/"},{"key":"2_CR16","unstructured":"Extended validation certificates are dead. https:\/\/www.troyhunt.com\/extended-validation-certificates-are-dead\/"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Smith, T., Dickinson, L., Seamons, K.: Let\u2019s revoke: scalable global certificate revocation. In: 27th Annual Network and Distributed System Security Symposium, NDSS (2020)","DOI":"10.14722\/ndss.2020.24084"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Chung, T., et al.: Is the web ready for OCSP must-staple? In: Proceedings of the Internet Measurement Conference 2018, pp. 105\u2013118 (2018)","DOI":"10.1145\/3278532.3278543"},{"key":"2_CR19","doi-asserted-by":"crossref","unstructured":"Hallam-Baker, P.: X. 509v3 transport layer security (TLS) feature extension, RFC 7633 (2015)","DOI":"10.17487\/RFC7633"},{"key":"2_CR20","unstructured":"CA\/Revocation Checking in Firefox. https:\/\/wiki.mozilla.org\/CA\/Revocation_Checking_in_Firefox#OCSP_Must-staple"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Stark, E., et al.: Does certificate transparency break the web? Measuring adoption and error rate. In: IEEE Symposium on Security and Privacy (SP) 2019, pp. 211\u2013226. IEEE (2019)","DOI":"10.1109\/SP.2019.00027"},{"key":"2_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/978-3-319-76481-8_14","volume-title":"Passive and Active Measurement","author":"C Nykvist","year":"2018","unstructured":"Nykvist, C., Sj\u00f6str\u00f6m, L., Gustafsson, J., Carlsson, N.: Server-side adoption of certificate transparency. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds.) PAM 2018. LNCS, vol. 10771, pp. 186\u2013199. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76481-8_14"},{"key":"2_CR23","doi-asserted-by":"crossref","unstructured":"Cangialosi, F., Chung, T., Choffnes, D., Levin, D., Maggs, B.M., Mislove, A., Wilson, C.: Measurement and analysis of private key sharing in the https ecosystem. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security 2016, pp. 628\u2013640 (2016)","DOI":"10.1145\/2976749.2978301"},{"key":"2_CR24","doi-asserted-by":"crossref","unstructured":"Zhang, M., et al.: Talking with familiar strangers: an empirical study on https context confusion attacks. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, pp. 1939\u20131952 (2020)","DOI":"10.1145\/3372297.3417252"},{"key":"2_CR25","unstructured":"Squarcina, M., Tempesta, M., Veronese, L., Calzavara, S., Maffei, M.: Can i take your subdomain? Exploring related-domain attacks in the modern web. arXiv preprint arXiv:2012.01946 (2020)"},{"key":"2_CR26","unstructured":"Cernet. http:\/\/www.edu.cn\/english\/"},{"key":"2_CR27","unstructured":"Project 211. https:\/\/en.wikipedia.org\/wiki\/Project_211"},{"key":"2_CR28","unstructured":"Network Service. https:\/\/its.pku.edu.cn\/service_1_dns.jsp"},{"key":"2_CR29","unstructured":"Sublist3r. https:\/\/github.com\/aboul3la\/Sublist3r"},{"key":"2_CR30","unstructured":"ctr.sh. https:\/\/crt.sh\/"},{"key":"2_CR31","unstructured":"Requests. https:\/\/requests.readthedocs.io\/en\/master\/"},{"key":"2_CR32","unstructured":"Deprecations and Removals in Chrome 58. https:\/\/developers.google.com\/web\/updates\/2017\/03\/chrome-58-deprecations"},{"key":"2_CR33","unstructured":"Requirements for trusted certificates in iOS 13 and macOS 10.15. https:\/\/support.apple.com\/en-us\/HT210176"},{"key":"2_CR34","unstructured":"About upcoming limits on trusted certificates. https:\/\/support.apple.com\/en-us\/HT211025"},{"key":"2_CR35","unstructured":"Certificate lifetimes. https:\/\/chromium.googlesource.com\/chromium\/src\/+\/master\/net\/docs\/certificate_lifetimes.md"},{"key":"2_CR36","unstructured":"Reducing TLS certificate lifespans to 398 days. https:\/\/blog.mozilla.org\/security\/2020\/07\/09\/reducing-tls-certificate-lifespans-to-398-days\/"},{"key":"2_CR37","unstructured":"Ballot 193\u2013825-day certificate lifetimes. https:\/\/cabforum.org\/2017\/03\/17\/ballot-193-825-day-certificate-lifetimes\/"},{"key":"2_CR38","unstructured":"Preloading Intermediate CA Certificates into Firefox. https:\/\/blog.mozilla.org\/security\/2020\/11\/13\/preloading-intermediate-ca-certificates-into-firefox\/"},{"key":"2_CR39","unstructured":"Certificate transparency. https:\/\/chromium.googlesource.com\/chromium\/src\/+\/master\/net\/docs\/certificate-transparency.md"},{"key":"2_CR40","unstructured":"Apple\u2019s certificate transparency policy. https:\/\/support.apple.com\/en-us\/HT205280"},{"key":"2_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11426639_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19\u201335. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_2"},{"key":"2_CR42","unstructured":"Announcing the first sha1 collision. https:\/\/security.googleblog.com\/2017\/02\/announcing-first-sha1-collision.html"},{"key":"2_CR43","unstructured":"Apple drops support for sha-1 certificates in macos catalina and ios 13. https:\/\/www.macrumors.com\/2019\/06\/06\/apple-deprecates-sha1-macos-catalina-ios-13\/"},{"key":"2_CR44","unstructured":"A further update on SHA-1 certificates in chrome. https:\/\/www.chromium.org\/Home\/chromium-security\/education\/tls\/sha-1"},{"key":"2_CR45","doi-asserted-by":"crossref","unstructured":"Barker, E., Roginsky, A.: Transitioning the use of cryptographic algorithms and key lengths. Technical report, National Institute of Standards and Technology (2018)","DOI":"10.6028\/NIST.SP.800-131Ar2"},{"key":"2_CR46","unstructured":"Chrome Root Store. https:\/\/www.chromium.org\/Home\/chromium-security\/root-ca-policy"},{"key":"2_CR47","unstructured":"Available trusted root certificates for Apple operating systems. https:\/\/support.apple.com\/en-us\/HT209143"},{"key":"2_CR48","unstructured":"CA certificates extracted from Mozilla. https:\/\/curl.se\/docs\/caextract.html"},{"key":"2_CR49","unstructured":"Release notes - Microsoft Trusted Root Certificate Program. https:\/\/docs.microsoft.com\/en-us\/security\/trusted-root\/release-notes"},{"key":"2_CR50","unstructured":"pyOpenSSL\u2019s documentation. https:\/\/www.pyopenssl.org\/en\/stable\/"},{"key":"2_CR51","unstructured":"ev\\_root\\_ca\\_metadata. https:\/\/chromium.googlesource.com\/chromium\/src\/net\/+\/master\/cert\/ev_root_ca_metadata.cc"},{"key":"2_CR52","doi-asserted-by":"crossref","unstructured":"Razaghpanah, A., Niaki, A.A., Vallina-Rodriguez, N., Sundaresan, S., Amann, J., Gill, P.: Studying TLS usage in android apps. In: Proceedings of the 13th International Conference on Emerging Networking EXperiments and Technologies 2017, pp. 350\u2013362 (2017)","DOI":"10.1145\/3143361.3143400"},{"key":"2_CR53","doi-asserted-by":"crossref","unstructured":"Alashwali, E.S., Szalachowski, P., Martin, A.: Does www. mean better transport layer security?. In: Proceedings of the 14th International Conference on Availability, Reliability and Security 2019, pp. 1\u20137 (2019)","DOI":"10.1145\/3339252.3339277"},{"key":"2_CR54","doi-asserted-by":"crossref","unstructured":"Tiefenau, C., von Zezschwitz, E., H\u00e4ring, M., Krombholz, K., Smith, M.: A usability evaluation of let\u2019s encrypt and Certbot: usable security done right. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security 2019, pp. 1971\u20131988 (2019)","DOI":"10.1145\/3319535.3363220"},{"key":"2_CR55","doi-asserted-by":"crossref","unstructured":"Bernhard, M., Sharman, J., Acemyan, C.Z., Kortum, P., Wallach, D.S., Halderman, J.A.: On the usability of https deployment. In: Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems 2019, pp. 1\u201310 (2019)","DOI":"10.1145\/3290605.3300540"},{"key":"2_CR56","unstructured":"Zeng, E., Li, F., Stark, E., Felt, A.P., Tabriz, P.: Fixing https misconfigurations at scale: an experiment with security notifications (2019)"},{"key":"2_CR57","unstructured":"Krombholz, K., Mayer, W., Schmiedecker, M., Weippl, E.: \u201c\u201c i have no idea what i\u2019m doing\u201d-on the usability of deploying $$\\{$$HTTPS$$\\}$$\u201d. In: 26th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 17) 2017, pp. 1339\u20131356 (2017)"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-92708-0_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,29]],"date-time":"2022-04-29T16:05:21Z","timestamp":1651248321000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-92708-0_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030927073","9783030927080"],"references-count":57,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-92708-0_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"4 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Network and System Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tianjin","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nss2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/nss2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"62","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.75","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}