{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T03:22:22Z","timestamp":1768274542924,"version":"3.49.0"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T00:00:00Z","timestamp":1716940800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T00:00:00Z","timestamp":1716940800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2024,8]]},"DOI":"10.1007\/s10207-024-00867-3","type":"journal-article","created":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T03:47:34Z","timestamp":1716954454000},"page":"2881-2910","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A compliance-based ranking of certificate authorities using probabilistic approaches"],"prefix":"10.1007","volume":"23","author":[{"given":"Kashif","family":"Junaid","sequence":"first","affiliation":[]},{"given":"Muhammad Umar","family":"Janjua","sequence":"additional","affiliation":[]},{"given":"Junaid","family":"Qadir","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,5,29]]},"reference":[{"key":"867_CR1","doi-asserted-by":"crossref","unstructured":"Alabduljabbar, A., Ma, R., Choi, S., Jang, R., Chen, S. and Mohaisen, D.: Understanding the security of free content websites by analyzing their ssl certificates: a comparative study. In Proceedings of the 1st Workshop on Cybersecurity and Social Sciences, CySSS \u201922, page 19-25, New York, NY, USA, 2022. Association for Computing Machinery","DOI":"10.1145\/3494108.3522769"},{"key":"867_CR2","unstructured":"Apoorva, B.: Top 10 SSL certificate providers of 2023 to secure your site. Startup Talky, 2023. Accessed 25 Mar 2024"},{"key":"867_CR3","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS security introduction and requirements. RFC 4033 (2005)","DOI":"10.17487\/rfc4033"},{"key":"867_CR4","first-page":"2014","volume":"114\u2013129","author":"C Brubaker","year":"2014","unstructured":"Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V.: Using Frankencerts for automated adversarial testing of certificate validation in SSL\/TLS implementations. IEEE Secur. Privacy 114\u2013129, 2014 (2014)","journal-title":"IEEE Secur. Privacy"},{"key":"867_CR5","unstructured":"CA|Browser (CAB) Forum. Baseline guidelines for the issuance and management of extended validation certificates. Accessed 20 Mar 2024 (2021)"},{"key":"867_CR6","unstructured":"CA|Browser (CAB) Forum. Baseline requirements for the issuance and management of publicly-trusted certificates. Accessed 20 Mar 2024. (2020)"},{"key":"867_CR7","doi-asserted-by":"crossref","unstructured":"Chau, S.Y., Chowdhury, O., Hoque, E., Ge, H., Kate, A., Nita-Rotaru, C. and Li, N.: Symcerts: practical symbolic execution for exposing noncompliance in x.509 certificate validation implementations. In: 2017 IEEE symposium on security and privacy (SP). pP 503\u2013520 (2017)","DOI":"10.1109\/SP.2017.40"},{"key":"867_CR8","doi-asserted-by":"crossref","unstructured":"Clark, J., Van Oorschot, P.C.: SoK: SSL and HTTPS: revisiting past challenges and evaluating certificate trust model enhancements. In: 2013 IEEE symposium on security and privacy. pp 511\u2013525 (2013)","DOI":"10.1109\/SP.2013.41"},{"key":"867_CR9","doi-asserted-by":"crossref","unstructured":"Dai, T., Shulman, H., Waidner, M.: Off-path attacks against PKI. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, CCS \u201918, pp 2213\u20132215, New York, NY, USA. Association for Computing Machinery (2018)","DOI":"10.1145\/3243734.3278516"},{"key":"867_CR10","doi-asserted-by":"crossref","unstructured":"Delignat-Lavaud, A., Abadi, M., Birrell, A., Mironov, I., Wobber, T., Xie, Y.: Web PKI: Closing the Gap between Guidelines and Practices. In Network and distributed system security symposium, NDSS Symposium (2014)","DOI":"10.14722\/ndss.2014.23305"},{"key":"867_CR11","doi-asserted-by":"crossref","unstructured":"Dong, Z., Kane, K. and Camp, L.J.: Detection of rogue certificates from trusted certificate authorities using deep neural networks. In: ACM transactions on privacy and security (TOPS), 19, September (2016)","DOI":"10.1145\/2975591"},{"key":"867_CR12","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Kasten, J., Bailey, M. and Halderman, J.A.: Analysis of the HTTPS certificate ecosystem. In: Proceedings of the 2013 conference on internet measurement conference, IMC \u201913, pages 291\u2013304, New York, NY, USA (2013)","DOI":"10.1145\/2504730.2504755"},{"key":"867_CR13","unstructured":"Fisher, D.: DigiNotar says its CA infrastructure was compromised. Threatpost. Accessed 18 Mar 2024 (2011)"},{"key":"867_CR14","doi-asserted-by":"crossref","unstructured":"Friess, J., Schulmann, H., Waidner, M.: Revocation speedrun: how the webpki copes with fraudulent certificates. Proc. ACM Netw., 1(CoNEXT3) (2023)","DOI":"10.1145\/3629148"},{"key":"867_CR15","unstructured":"Gramstars. The 10 Best TLS\/SSL Certificates in 2022. Medium. Accessed 25 March 2024 (2023)"},{"key":"867_CR16","unstructured":"Hallam-Baker, P.; Comodo SSL affiliate the recent RA compromise. Comodo Cyber Security. Accessed 19 Mar 2024 (2011)"},{"key":"867_CR17","doi-asserted-by":"crossref","unstructured":"Hoffman, P. and Schlyter, J.: The DNS-based authentication of named entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. RFC 6698. (2012)","DOI":"10.17487\/rfc6698"},{"key":"867_CR18","doi-asserted-by":"crossref","unstructured":"Holz, R., Braun, L., Kammenhuber, N. and Carle, G.: The SSL landscape: a thorough analysis of the X.509 PKI using active and passive measurements. In: Proceedings of the 2011 ACM SIGCOMM conference on internet measurement conference, IMC \u201911, page 427\u2013444, New York, NY, USA. Association for computing machinery (2011)","DOI":"10.1145\/2068816.2068856"},{"key":"867_CR19","unstructured":"https:\/\/towardsdatascience.com\/bayesian-ranking-system-77818e63b57b"},{"key":"867_CR20","unstructured":"Jenni McKinnon. The Most Popular SSL Certificate Authorities Reviewed. wpmudev. Accessed 20 Mar 2024 (2022)"},{"key":"867_CR21","doi-asserted-by":"crossref","unstructured":"Kim, D., Cho, H., Kwon, Y., Doup, A., Son, S., Ahn, G.J., Dumitras, T.: Security analysis on practices of certificate authorities in the HTTPS phishing ecosystem. In: Proceedings of the 2021 ACM Asia conference on computer and communications security. ASIA CCS \u201921, pp 407\u2013420, New York, NY, USA. Association for Computing Machinery (2021)","DOI":"10.1145\/3433210.3453100"},{"key":"867_CR22","doi-asserted-by":"crossref","unstructured":"Kumar, D., Wang, Z., Hyder, M., Dickinson, J., Beck, G., Adrian, D., Mason, J., Durumeric, Z., Halderman, J.A. and Bailey, M.: Tracking certificate misissuance in the wild. In: IEEE symposium on security and privacy (SP), pp 288\u2013301 (2018)","DOI":"10.1109\/SP.2018.00015"},{"key":"867_CR23","unstructured":"Larimer, J., Root, K.: Security and privacy in android apps. Accessed 20 March 2024 (2012)"},{"key":"867_CR24","doi-asserted-by":"crossref","unstructured":"Laurie, B., Langley, A., Kasper, E.: Certificate transparency. RFC 6962 (2013)","DOI":"10.17487\/rfc6962"},{"key":"867_CR25","unstructured":"Ma, Z., Mason, J., Patel, S., Antonakakis, M., Raykova, M., Durumeric, Z., Schoppmann, P., Bailey, M., Seth, K., Fahl, S. and Yeo, K.: What\u2019s in a name? Exploring CA certificate control. In 30th USENIX Security Symposium (USENIX Security 21), pp 4383\u20134400. USENIX Association (2021)"},{"key":"867_CR26","unstructured":"Mark, P.: Best SSL certificate services to buy from in 2024: get the cheapest price today. TechRadar.pro. Accessed 20 Mar 2024. (2024)"},{"key":"867_CR27","unstructured":"Microsoft. Microsoft security advisory 2798897: fraudulent digital certificates could allow spoofing. Microsoft Docs. Accessed 20 March 2024 (2013)"},{"key":"867_CR28","unstructured":"Ness, J.: Flame malware collision attack explained. Microsoft Security Response Center. Accessed 19 Mar 2024 (2012)"},{"key":"867_CR29","unstructured":"Qin, D.G.W., Sujit, U.N., Jie, L., Singh, T.E.J.A.S.W.I.: Vulnerabilities and attacks on PKI. CS2107-Semester IV 2014\u20132015. Accessed 20 Mar 2024 (2014)"},{"key":"867_CR30","unstructured":"Sharon, B., Stefan, S., Tim P., Russ H., Stephen F., David C.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) Profile. RFC 5280 (2008)"},{"key":"867_CR31","unstructured":"Sharon, B., Stefan, S., Tim, P., Russ, H., Stephen, F., David, C.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (2008)"},{"key":"867_CR32","unstructured":"The ZMap Project. Command line utility for parsing certificates. GitHub. Accessed 18 Mar 2024"},{"key":"867_CR33","unstructured":"W3Techs - Web Techonology Surveys. Usage statistics of SSL certificate authorities for websites. Accessed 20 Mar 2024 (2024)"},{"key":"867_CR34","unstructured":"W3Techs - Web Techonology Surveys. Usage Survey of SSL Certificate Authorities broken down by Ranking. Accessed 20 Mar 2024 (2020)"},{"key":"867_CR35","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110609","volume":"167","author":"Y Wang","year":"2020","unstructured":"Wang, Y., Guangquan, X., Liu, X.-T., Mao, W., Si, C., Pedrycz, W., Wang, W.: Identifying vulnerabilities of ssl\/tls certificate verification in android apps with static and dynamic analysis. J. Syst. Softw. 167, 110609 (2020)","journal-title":"J. Syst. Softw."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00867-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-024-00867-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00867-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,15]],"date-time":"2024-07-15T03:18:09Z","timestamp":1721013489000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-024-00867-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,29]]},"references-count":35,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["867"],"URL":"https:\/\/doi.org\/10.1007\/s10207-024-00867-3","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,29]]},"assertion":[{"value":"29 May 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"We declare that we have no Conflict of interest that could influence the interpretation or evaluation of the results presented in this manuscript. Conflict of interest include, but are not limited to, financial, personal, or professional relationships that may have influenced the work or could be perceived to have influenced the work.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This research adheres to the ethical standards and guidelines established by relevant bodies within the web Public Key Infrastructure (PKI) ecosystem. We affirm that the research conducted is in full compliance with the ethical standards and principles outlined in the relevant documents and guidelines within the web PKI, RFC, and CAB Forum guidelines. The ranking is based on purely compliance standards; we did not disclose any CA private information, nor did we disclose any registrant privacy.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical standards"}}]}}