{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,17]],"date-time":"2026-02-17T12:11:08Z","timestamp":1771330268381,"version":"3.50.1"},"publisher-location":"Cham","reference-count":49,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031562518","type":"print"},{"value":"9783031562525","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-56252-5_14","type":"book-chapter","created":{"date-parts":[[2024,3,19]],"date-time":"2024-03-19T06:51:26Z","timestamp":1710831086000},"page":"293-321","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Trust Issue(r)s: Certificate Revocation and\u00a0Replacement Practices in\u00a0the\u00a0Wild"],"prefix":"10.1007","author":[{"given":"David","family":"Cerenius","sequence":"first","affiliation":[]},{"given":"Martin","family":"Kaller","sequence":"additional","affiliation":[]},{"given":"Carl Magnus","family":"Bruhner","sequence":"additional","affiliation":[]},{"given":"Martin","family":"Arlitt","sequence":"additional","affiliation":[]},{"given":"Niklas","family":"Carlsson","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,3,20]]},"reference":[{"key":"14_CR1","unstructured":"Akhawe, D., Felt, A.P.: Alice in Warningland: a large-scale field study of browser security warning effectiveness. In: Proceedings of the USENIX Security Symposium, pp. 257\u2013272. USENIX Security 2013, USENIX Association, Washington, D.C. (2013). https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/presentation\/akhawe"},{"key":"14_CR2","unstructured":"Apple: About upcoming limits on trusted certificates (2020). https:\/\/support.apple.com\/en-us\/102028"},{"key":"14_CR3","doi-asserted-by":"publisher","unstructured":"Barnes, R., Hoffman-Andrews, J., McCarney, D., Kasten, J.: Automatic Certificate Management Environment (ACME). RFC 8555 (2019). https:\/\/doi.org\/10.17487\/RFC8555","DOI":"10.17487\/RFC8555"},{"key":"14_CR4","doi-asserted-by":"publisher","unstructured":"Boeyen, S., Santesson, S., Polk, T., Housley, R., Farrell, S., Cooper, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (2008). https:\/\/doi.org\/10.17487\/RFC5280","DOI":"10.17487\/RFC5280"},{"key":"14_CR5","doi-asserted-by":"publisher","unstructured":"Bruhner, C.M., Linnarsson, O., Nemec, M., Arlitt, M., Carlsson, N.: Changing of the guards: certificate and public key management on the internet. In: Proceeding of Passive and Active Measurement Conference, pp. 50\u201380. PAM 2022, Virtual (2022). https:\/\/doi.org\/10.1007\/978-3-030-98785-5_3","DOI":"10.1007\/978-3-030-98785-5_3"},{"key":"14_CR6","unstructured":"CA\/Browser Forum: Ballot SC31: Browser Alignment (2020). https:\/\/cabforum.org\/2020\/07\/16\/ballot-sc31-browser-alignment\/"},{"key":"14_CR7","unstructured":"CA\/Browser Forum: Guidelines for the Issuance and Management of Extended Validation Certificates (2022). https:\/\/cabforum.org\/wp-content\/uploads\/CA-Browser-Forum-EV-Guidelines-1.8.0.pdf"},{"key":"14_CR8","unstructured":"CA\/Browser Forum: Ballot SC-063 v4: Make OCSP Optional, Require CRLs, and Incentivize Automation (2023). https:\/\/cabforum.org\/2023\/07\/14\/ballot-sc-063-v4make-ocsp-optional-require-crls-and-incentivize-automation\/"},{"key":"14_CR9","unstructured":"CA\/Browser Forum: Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates Version 2.0.1 (2023). https:\/\/cabforum.org\/wp-content\/uploads\/CA-Browser-Forum-BR-v2.0.1.pdf"},{"key":"14_CR10","unstructured":"Certificate Transparency: Our Successes. https:\/\/certificate.transparency.dev\/community\/#successes-grid"},{"key":"14_CR11","doi-asserted-by":"publisher","unstructured":"Chung, T., et al.: Measuring and applying invalid SSL certificates: the silent majority. In: Proceedings of the Internet Measurement Conference, pp. 527\u2013541. IMC 2016, ACM, Santa Monica, CA (2016). https:\/\/doi.org\/10.1145\/2987443.2987454","DOI":"10.1145\/2987443.2987454"},{"key":"14_CR12","doi-asserted-by":"publisher","unstructured":"Chung, T., et al.: Is the web ready for OCSP must-staple? In: Proceedings of the Internet Measurement Conference, pp. 105\u2013118. IMC 2018, ACM, Boston, MA (2018). https:\/\/doi.org\/10.1145\/3278532.3278543","DOI":"10.1145\/3278532.3278543"},{"key":"14_CR13","unstructured":"DigiCert: DigiCert Encryption Everywhere Partner Program (2020). https:\/\/www.digicert.com\/content\/dam\/digicert\/pdfs\/guide\/partner-program-guide-en.pdf"},{"key":"14_CR14","doi-asserted-by":"publisher","unstructured":"Durumeric, Z., et al.: The matter of Heartbleed. In: Proceedings of the Internet Measurement Conference, pp. 475\u2013488. IMC 2014, ACM, Vancouver, BC, Canada (2014). https:\/\/doi.org\/10.1145\/2663716.2663755","DOI":"10.1145\/2663716.2663755"},{"key":"14_CR15","unstructured":"Durumeric, Z., Wustrow, E., Halderman, J.A.: ZMap: fast internet-wide scanning and its security applications. In: Proceedings of the USENIX Security Symposium, pp. 605\u2013620. USENIX Security 2013, USENIX Association, Washington, D.C. (2013). https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/paper\/durumeric"},{"key":"14_CR16","doi-asserted-by":"publisher","unstructured":"Farhan, S.M., Chung, T.: Exploring the evolution of TLS certificates. In: Proceeding of Passive and Active Measurement Conference, pp. 71\u201384. PAM 2023, Virtual (2023). https:\/\/doi.org\/10.1007\/978-3-031-28486-1_4","DOI":"10.1007\/978-3-031-28486-1_4"},{"key":"14_CR17","unstructured":"Gable, A.: A New Life for Certificate Revocation Lists - Let\u2019s Encrypt (2022). https:\/\/letsencrypt.org\/2022\/09\/07\/new-life-for-crls.html"},{"key":"14_CR18","unstructured":"Google Security Blog: Chrome\u2019s Plan to Distrust Symantec Certificates (2018). https:\/\/security.googleblog.com\/2017\/09\/chromes-plan-to-distrust-symantec.html"},{"key":"14_CR19","doi-asserted-by":"publisher","unstructured":"Halim, A., Danielsson, M., Arlitt, M., Carlsson, N.: Temporal analysis of X.509 revocations and their statuses. In: 2022 IEEE European Symposium on Security and Privacy Workshops, pp. 258\u2013265. EuroS &PW 2022, Genoa, Italy (2022). https:\/\/doi.org\/10.1109\/EuroSPW55150.2022.00032","DOI":"10.1109\/EuroSPW55150.2022.00032"},{"key":"14_CR20","doi-asserted-by":"publisher","unstructured":"Holz, R., Braun, L., Kammenhuber, N., Carle, G.: The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements. In: Proceedings of the Internet Measurement Conference, pp. 427\u2013444. IMC 2011, ACM, Berlin, Germany (2011). https:\/\/doi.org\/10.1145\/2068816.2068856","DOI":"10.1145\/2068816.2068856"},{"key":"14_CR21","unstructured":"Jones, J.: Design of the CRLite Infrastructure (2020). https:\/\/blog.mozilla.org\/security\/2020\/12\/01\/crlite-part-4-infrastructure-design\/"},{"key":"14_CR22","unstructured":"Kim, D., Kwon, B.J., Koz\u00e1k, K., Gates, C., Dumitra\u015f, T.: The broken shield: measuring revocation effectiveness in the windows code-signing PKI. In: Proceedings of the USENIX Security Symposium, pp. 851\u2013868. USENIX Security 2018, USENIX Association, Baltimore, MD (2018). https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/kim"},{"key":"14_CR23","doi-asserted-by":"publisher","unstructured":"Korzhitskii, N., Carlsson, N.: Revocation Statuses on the Internet. In: Proceeding of Passive and Active Measurement Conference, pp. 175\u2013191. PAM 2021, Virtual (2021). https:\/\/doi.org\/10.1007\/978-3-030-72582-2_11","DOI":"10.1007\/978-3-030-72582-2_11"},{"key":"14_CR24","doi-asserted-by":"publisher","unstructured":"Larisch, J., et al.: Hammurabi: a framework for pluggable, logic-based X.509 certificate validation policies. In: Proceedings of the Conference on Computer and Communications Security, pp. 1857\u20131870. CCS 2022, ACM, Los Angeles, CA (2022). https:\/\/doi.org\/10.1145\/3548606.3560594","DOI":"10.1145\/3548606.3560594"},{"key":"14_CR25","doi-asserted-by":"publisher","unstructured":"Larisch, J., Choffnes, D., Levin, D., Maggs, B.M., Mislove, A., Wilson, C.: CRLite: a scalable system for pushing all TLS revocations to all browsers. In: 2017 IEEE Symposium on Security and Privacy, pp. 539\u2013556. S &P 2017, IEEE, San Jose, CA (2017). https:\/\/doi.org\/10.1109\/SP.2017.17","DOI":"10.1109\/SP.2017.17"},{"key":"14_CR26","doi-asserted-by":"publisher","unstructured":"Laurie, B., Langley, A., Kasper, E., Messeri, E., Stradling, R.: Certificate Transparency Version 2.0. RFC 9162 (2021). https:\/\/doi.org\/10.17487\/RFC9162","DOI":"10.17487\/RFC9162"},{"key":"14_CR27","unstructured":"Let\u2019s Encrypt: Integration Guide. Internet Security Research Group (2016). https:\/\/letsencrypt.org\/docs\/integration-guide\/"},{"key":"14_CR28","unstructured":"Let\u2019s Encrypt: 2020.02.29 CAA Rechecking Bug (2020). https:\/\/community.letsencrypt.org\/t\/2020-02-29-caa-rechecking-bug\/114591"},{"key":"14_CR29","doi-asserted-by":"publisher","unstructured":"Liu, Y., et al.: An end-to-end measurement of certificate revocation in the web\u2019s PKI. In: Proceedings of the Internet Measurement Conference, pp. 183\u2013196. IMC 2015, ACM, Tokyo, Japan (2015). https:\/\/doi.org\/10.1145\/2815675.2815685","DOI":"10.1145\/2815675.2815685"},{"key":"14_CR30","doi-asserted-by":"publisher","unstructured":"Ma, Z., et al.: Stale TLS certificates: investigating precarious third-party access to valid TLS keys. In: Proceedings of the Internet Measurement Conference, pp. 222\u2013235. IMC 2023, ACM, Montreal QC, Canada (2023). https:\/\/doi.org\/10.1145\/3618257.3624802","DOI":"10.1145\/3618257.3624802"},{"key":"14_CR31","unstructured":"Microsoft: Microsoft Edge - Policies (2023). https:\/\/learn.microsoft.com\/en-us\/deployedge\/microsoft-edge-policies"},{"key":"14_CR32","unstructured":"Mozilla: CA\/Revocation Checking in Firefox (2021). https:\/\/wiki.mozilla.org\/CA\/Revocation_Checking_in_Firefox#OneCRL"},{"key":"14_CR33","doi-asserted-by":"publisher","unstructured":"Omolola, O., Roberts, R., Ashiq, M.I., Chung, T., Levin, D., Mislove, A.: Measurement and analysis of automated certificate reissuance. In: Proceeding of Passive and Active Measurement Conference, pp. 161\u2013174. PAM 2021, Virtual (2021). https:\/\/doi.org\/10.1007\/978-3-030-72582-2_10","DOI":"10.1007\/978-3-030-72582-2_10"},{"key":"14_CR34","doi-asserted-by":"publisher","unstructured":"Pettersen, Y.N.: The Transport Layer Security (TLS) Multiple Certificate Status Request Extension. RFC 6961 (2013). https:\/\/doi.org\/10.17487\/RFC6961","DOI":"10.17487\/RFC6961"},{"key":"14_CR35","unstructured":"Rapid7: Open Data: SSL Certificates. https:\/\/opendata.rapid7.com\/sonar.ssl\/"},{"key":"14_CR36","unstructured":"Rapid7: Project Sonar. https:\/\/www.rapid7.com\/research\/project-sonar\/"},{"key":"14_CR37","doi-asserted-by":"publisher","unstructured":"Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, D.C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 6960 (2013). https:\/\/doi.org\/10.17487\/RFC6960","DOI":"10.17487\/RFC6960"},{"key":"14_CR38","unstructured":"Sectigo: What is a Self-Signed Certificate (2021). https:\/\/sectigo.com\/resource-library\/what-is-a-self-signed-certificate"},{"key":"14_CR39","doi-asserted-by":"publisher","unstructured":"Sheffer, Y., Lopez, D., de Dios, O.G., Pastor, A., Fossati, T.: Support for Short-Term, Automatically Renewed (STAR) Certificates in the Automated Certificate Management Environment (ACME). RFC 8739 (2020). https:\/\/doi.org\/10.17487\/RFC8739","DOI":"10.17487\/RFC8739"},{"key":"14_CR40","unstructured":"SSLmate: Certificate Transparency Log Growth. https:\/\/sslmate.com\/labs\/ct_growth\/"},{"key":"14_CR41","unstructured":"Statcounter GlobalStats: Browser Market Share Worldwide (2023). https:\/\/gs.statcounter.com\/browser-market-share"},{"key":"14_CR42","unstructured":"Statista: global market share held by leading internet browsers from January 2012 to January 2023 (2023). https:\/\/www.statista.com\/statistics\/268254\/market-share-of-internet-browsers-worldwide-since-2009\/"},{"key":"14_CR43","unstructured":"The Chromium Projects: CRLSets. https:\/\/www.chromium.org\/Home\/chromium-security\/crlsets\/"},{"key":"14_CR44","unstructured":"The Chromium Projects: Chrome Root Program Policy, Version 1.4 (2023). https:\/\/www.chromium.org\/Home\/chromium-security\/root-ca-policy\/"},{"key":"14_CR45","unstructured":"The Chromium Projects: Moving Forward, Together (2023). https:\/\/www.chromium.org\/Home\/chromium-security\/root-ca-policy\/moving-forward-together\/"},{"key":"14_CR46","unstructured":"TrustAsia: TrustAsia CA Certificate Practice Statement (CPS) V1.1 (8 2020). https:\/\/repository.trustasia.com\/repo\/cps\/TrustAsia-Global-CP-CPS_EN_V1.1.pdf"},{"key":"14_CR47","doi-asserted-by":"publisher","unstructured":"Yee, P.E.: Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 6818 (2013). https:\/\/doi.org\/10.17487\/RFC6818","DOI":"10.17487\/RFC6818"},{"issue":"3","key":"14_CR48","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1145\/3176244","volume":"61","author":"L Zhang","year":"2018","unstructured":"Zhang, L., et al.: Analysis of SSL certificate reissues and revocations in the wake of Heartbleed. Commun. ACM 61(3), 109\u2013116 (2018). https:\/\/doi.org\/10.1145\/3176244","journal-title":"Commun. ACM"},{"key":"14_CR49","doi-asserted-by":"publisher","unstructured":"Zhu, L., Amann, J., Heidemann, J.: Measuring the latency and pervasiveness of TLS certificate revocation. In: Proceeding of Passive and Active Measurement Conference, pp. 16\u201329. PAM 2016, Heraklion, Greece (2016). https:\/\/doi.org\/10.1007\/978-3-319-30505-9_2","DOI":"10.1007\/978-3-319-30505-9_2"}],"container-title":["Lecture Notes in Computer Science","Passive and Active Measurement"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-56252-5_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,19]],"date-time":"2024-03-19T07:02:15Z","timestamp":1710831735000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-56252-5_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031562518","9783031562525"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-56252-5_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"20 March 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PAM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Passive and Active Network Measurement","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 March 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 March 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pam2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/pam2024.cs.northwestern.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"64","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"14","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"13","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.9","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.42","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}