{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T02:04:27Z","timestamp":1775700267259,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642275753","type":"print"},{"value":"9783642275760","type":"electronic"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-27576-0_20","type":"book-chapter","created":{"date-parts":[[2012,2,2]],"date-time":"2012-02-02T13:45:35Z","timestamp":1328190335000},"page":"250-259","source":"Crossref","is-referenced-by-count":68,"title":["Certified Lies: Detecting and Defeating Government Interception Attacks against SSL (Short Paper)"],"prefix":"10.1007","author":[{"given":"Christopher","family":"Soghoian","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sid","family":"Stamm","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Dierks, T., Allen, C.: The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard), Obsoleted by RFC 4346, updated by RFCs 3546, 5746 (January 1999)","DOI":"10.17487\/rfc2246"},{"key":"20_CR2","unstructured":"Nightingale, J.: SSL Question Corner. meandering wildly (blog) (August 5, 2008), \n                    \n                      http:\/\/blog.johnath.com\/2008\/08\/05\/ssl-question-corner\/"},{"key":"20_CR3","unstructured":"Sunshine, J., Egelman, S., Almuhimedi, H., Atri, N., Cranor, L.F.: Crying wolf: An empirical study of SSL warning effectiveness. In: Proceedings of the 18th Usenix Security Symposium (August 2009)"},{"key":"20_CR4","unstructured":"Soghoian, C.: Caught in the cloud: Privacy, encryption, and government back doors in the web 2.0 era. Journal on Telecommunications and High Technology Law (forthcoming)"},{"key":"20_CR5","unstructured":"Singel, R.: PGP Creator Defends Hushmail. Wired News Threat Level Blog (November 19, 2007), \n                    \n                      http:\/\/www.wired.com\/threatlevel\/2007\/11\/pgp-creator-def"},{"key":"20_CR6","unstructured":"McCullagh, D.: Court to FBI: No spying on in-car computers. CNET News (November 19, 2003), \n                    \n                      http:\/\/news.cnet.com\/2100-1029_3-5109435.html"},{"key":"20_CR7","unstructured":"Markoff, J.: Surveillance of skype messages found in china. The New York Times (October 1, 2008), \n                    \n                      http:\/\/www.nytimes.com\/2008\/10\/02\/technology\/internet\/02skype.html"},{"key":"20_CR8","unstructured":"Jacobs, A.: China requires censorship software on new pcs. The New York Times (June 8, 2009), \n                    \n                      http:\/\/www.nytimes.com\/2009\/06\/09\/world\/asia\/09china.html"},{"key":"20_CR9","unstructured":"Singel, R.: Law Enforcement Appliance Subverts SSL. Wired News Threat Level Blog (March 24, 2010), \n                    \n                      http:\/\/www.wired.com\/threatlevel\/2010\/03\/packet-forensics\/"},{"key":"20_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/10720107_24","volume-title":"Security Protocols","author":"F. Stajano","year":"2000","unstructured":"Stajano, F., Anderson, R.J.: The Resurrecting Duckling: Security Issues for Ad-Hoc Wireless Networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M., et al. (eds.) Security Protocols 1999. LNCS, vol.\u00a01796, pp. 172\u2013182. Springer, Heidelberg (2000)"},{"key":"20_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/978-3-540-39871-4_3","volume-title":"Security Protocols","author":"J. Arkko","year":"2004","unstructured":"Arkko, J., Nikander, P.: Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2002. LNCS, vol.\u00a02845, pp. 5\u201319. Springer, Heidelberg (2004)"},{"issue":"1","key":"20_CR12","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1016\/j.jpolmod.2007.03.007","volume":"30","author":"M. Bussiere","year":"2008","unstructured":"Bussiere, M., Fratzscher, M.: Low probability, high impact: Policy making and extreme events. Journal of Policy Modeling\u00a030(1), 111\u2013121 (2008)","journal-title":"Journal of Policy Modeling"},{"key":"20_CR13","unstructured":"Diwanji, P.: Detecting suspicious account activity. The Official Gmail Blog (March 24, 2010), \n                    \n                      http:\/\/gmailblog.blogspot.com\/2010\/03\/detecting-suspicious-account-activity.html"},{"key":"20_CR14","unstructured":"Certificate patrol (2010), \n                    \n                      http:\/\/patrol.psyced.org\/"},{"key":"20_CR15","unstructured":"Kaminsky, D.: Email conversation with author (February 28, 2010)"},{"key":"20_CR16","unstructured":"Gillmor, D.K.: Technical Architecture shapes Social Structure: an example from the real world (February 21, 2007), \n                    \n                      http:\/\/lair.fifthhorseman.net\/~dkg\/tls-centralization\/"},{"key":"20_CR17","unstructured":"Peter\u00a0SJF Bance. Ssl: Whom do you trust? (April 20, 2005), \n                    \n                      http:\/\/www.minstrel.org.uk\/papers\/2005.04.20-ssl-trust.pdf"},{"key":"20_CR18","unstructured":"Ed\u00a0Gerck. First published online by the MCWG at \n                    \n                      http:\/\/mcwg.org\/cert.htm\n                    \n                    \n                   (April 1997). Invited talk at the Black Hat Briefings 1999, Las Vegas, NV, July 7-8 (1999). Published by The Bell, ISSN 1530-048X, Vol. 1, No. 3, p. 8 (July 2000), \n                    \n                      http:\/\/www.thebell.net\/papers\/certover.pdf"},{"key":"20_CR19","first-page":"306","volume-title":"WETICE 1998: Proceedings of the 7th Workshop on Enabling Technologies","author":"J.M. Hayes","year":"1998","unstructured":"Hayes, J.M.: The problem with multiple roots in web browsers - certificate masquerading. In: WETICE 1998: Proceedings of the 7th Workshop on Enabling Technologies, pp. 306\u2013313. IEEE Computer Society, Washington, DC (1998)"},{"key":"20_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/3-540-62494-5_2","volume-title":"Security Protocols","author":"B. Crispo","year":"1997","unstructured":"Crispo, B., Lomas, M.: A Certification Scheme for Electronic Commerce. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol.\u00a01189, pp. 19\u201332. Springer, Heidelberg (1997)"},{"key":"20_CR21","unstructured":"Monkeysphere (2010), \n                    \n                      http:\/\/web.monkeysphere.info\/"},{"key":"20_CR22","unstructured":"Grigg, I.: VeriSign\u2019s conflict of interest creates new threat. Financial Cryptography (blog) (September 1, 2004), \n                    \n                      http:\/\/financialcryptography.com\/mt\/archives\/000206.html"},{"key":"20_CR23","unstructured":"Grigg, I.: PKI considered harmful (October 14, 2008), \n                    \n                      http:\/\/iang.org\/ssl\/pki_considered_harmful.html"},{"key":"20_CR24","unstructured":"Grigg, I.: Why the browsers must change their old SSL security (?) model. In: Financial Cryptography (blog) (March 24, 2010), \n                    \n                      financialcryptography.com\/mt\/archives\/001232.html"},{"key":"20_CR25","unstructured":"Grigg, I., Shostack, A.: VeriSign and Conflicts of Interest (February 2, 2005), \n                    \n                      http:\/\/forum.icann.org\/lists\/net-rfp-verisign\/msg00008.html"},{"key":"20_CR26","unstructured":"Engert, K.: Conspiracy \u2014 A Mozilla Firefox Extension (March 18, 2010), \n                    \n                      http:\/\/kuix.de\/conspiracy\/"},{"key":"20_CR27","doi-asserted-by":"crossref","unstructured":"Herley, C.: So long, and no thanks for the externalities: the rational rejection of security advice by users. In: NSPW 2009: Proceedings of the 2009 Workshop on New Security Paradigms Workshop, pp. 133\u2013144 (September 2009)","DOI":"10.1145\/1719030.1719050"},{"key":"20_CR28","first-page":"321","volume-title":"ATC 2008: USENIX 2008 Annual Technical Conference on Annual Technical Conference","author":"D. Wendlandt","year":"2008","unstructured":"Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: improving ssh-style host authentication with multi-path probing. In: ATC 2008: USENIX 2008 Annual Technical Conference on Annual Technical Conference, pp. 321\u2013334. USENIX Association, Berkeley (2008)"},{"key":"20_CR29","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1109\/ISCC.2009.5202224","volume-title":"ISCC 2009: IEEE Symposium on Computers and Communications","author":"M. Alicherry","year":"2009","unstructured":"Alicherry, M., Keromytis, A.D.: Doublecheck: Multi-path verification against man-in-the-middle attacks. In: ISCC 2009: IEEE Symposium on Computers and Communications, pp. 557\u2013563. IEEE, Piscataway (2009)"},{"issue":"4","key":"20_CR30","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1391949.1391950","volume":"8","author":"A. Herzberg","year":"2008","unstructured":"Herzberg, A., Jbara, A.: Security and identification indicators for browsers against spoofing and phishing attacks. ACM Trans. Internet Technol.\u00a08(4), 1\u201336 (2008)","journal-title":"ACM Trans. Internet Technol."},{"key":"20_CR31","unstructured":"Close, T.: Petname tool (2005), \n                    \n                      http:\/\/www.waterken.com\/user\/PetnameTool\/"},{"key":"20_CR32","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1109\/MSP.2008.131","volume":"6","author":"D. Ahmad","year":"2008","unstructured":"Ahmad, D.: Two Years of Broken Crypto: Debian\u2019s Dress Rehearsal for a Global PKI Compromise. IEEE Security and Privacy\u00a06, 70\u201373 (2008)","journal-title":"IEEE Security and Privacy"},{"key":"20_CR33","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1145\/1644893.1644896","volume-title":"Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement Conference","author":"S. Yilek","year":"2009","unstructured":"Yilek, S., Rescorla, E., Shacham, H., Enright, B., Savage, S.: When private keys are public: results from the 2008 Debian OpenSSL vulnerability. In: Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement Conference, pp. 15\u201327. ACM, New York (2009)"},{"key":"20_CR34","unstructured":"The H Security. heise SSL Guardian: Protection against unsafe SSL certificates (July 4, 2008), \n                    \n                      www.h-online.com\/security\/features\/Heise-SSL-Guardian-746213.html\n                    \n                    \n                  ."},{"key":"20_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-642-03356-8_4","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"M. Stevens","year":"2009","unstructured":"Stevens, M., Sotirov, A., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D.A., de Weger, B.: Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol.\u00a05677, pp. 55\u201369. Springer, Heidelberg (2009)"},{"key":"20_CR36","unstructured":"Anka, M.: SSL Blacklist 4.0 (January 31, 2010), \n                    \n                      http:\/\/www.codefromthe70s.org\/sslblacklist.aspx"},{"key":"20_CR37","first-page":"525","volume-title":"WWW 2008: Proceeding of the 17th International Conference on World Wide Web","author":"C. Jackson","year":"2008","unstructured":"Jackson, C., Barth, A.: Forcehttps: protecting high-security web sites from network attacks. In: WWW 2008: Proceeding of the 17th International Conference on World Wide Web, pp. 525\u2013534. ACM, New York (2008)"},{"key":"20_CR38","unstructured":"Hodges, J., Jackson, C., Barth, A.: Strict Transport Security (December 18, 2009), \n                    \n                      lists.w3.org\/Archives\/Public\/www-archive\/2009Dec\/att-0048\/draft-hodges-strict-transport-sec-06.plain.html"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-27576-0_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,26]],"date-time":"2019-04-26T07:52:54Z","timestamp":1556265174000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-27576-0_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642275753","9783642275760"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-27576-0_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012]]}}}