{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T18:03:39Z","timestamp":1773857019664,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,11,2]],"date-time":"2011-11-02T00:00:00Z","timestamp":1320192000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,11,2]]},"DOI":"10.1145\/2068816.2068856","type":"proceedings-article","created":{"date-parts":[[2011,11,16]],"date-time":"2011-11-16T10:40:21Z","timestamp":1321440021000},"page":"427-444","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":139,"title":["The SSL landscape"],"prefix":"10.1145","author":[{"given":"Ralph","family":"Holz","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t M\u00fcnchen, Garching bei M\u00fcnchen, Germany"}]},{"given":"Lothar","family":"Braun","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t M\u00fcnchen, Garching bei M\u00fcnchen, Germany"}]},{"given":"Nils","family":"Kammenhuber","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t M\u00fcnchen, Garching bei M\u00fcnchen, Germany"}]},{"given":"Georg","family":"Carle","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t M\u00fcnchen, Garching bei M\u00fcnchen, Germany"}]}],"member":"320","published-online":{"date-parts":[[2011,11,2]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"D. Cooper S. Santesson S. Farrell S. Boeyen R. Housley and W. Polk \"Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile \" RFC 5280 (Proposed Standard) May 2008.  D. Cooper S. Santesson S. Farrell S. Boeyen R. Housley and W. Polk \"Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile \" RFC 5280 (Proposed Standard) May 2008.","DOI":"10.17487\/rfc5280"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"T. Dierks and E. Rescorla \"The transport layer security (TLS) protocol version 1.2 \" RFC 5246 (Proposed Standard) Aug. 2008 updated by RFCs 5746 5878 6176.  T. Dierks and E. Rescorla \"The transport layer security (TLS) protocol version 1.2 \" RFC 5246 (Proposed Standard) Aug. 2008 updated by RFCs 5746 5878 6176.","DOI":"10.17487\/rfc5246"},{"key":"e_1_3_2_1_3_1","unstructured":"J. Appelbaum \"Detecting certificate authority compromises and web browser collusion \" Blog entry: https:\/\/blog.torproject.org\/blog\/detecting-certificate-authority-compromises-and-web-browser-collusion 2011 {online; last retrieved in May 2011}.  J. Appelbaum \"Detecting certificate authority compromises and web browser collusion \" Blog entry: https:\/\/blog.torproject.org\/blog\/detecting-certificate-authority-compromises-and-web-browser-collusion 2011 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_4_1","unstructured":"M. S. Blog \"DigiNotar removal follow up \" https:\/\/blog.mozilla.com\/security\/2011\/09\/02\/diginotar-removal-follow-up\/ {online; last retrieved in September 2011} 2011.  M. S. Blog \"DigiNotar removal follow up \" https:\/\/blog.mozilla.com\/security\/2011\/09\/02\/diginotar-removal-follow-up\/ {online; last retrieved in September 2011} 2011."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719050"},{"issue":"1","key":"e_1_3_2_1_6_1","first-page":"1","article-title":"Ten risks of PKI: What you're not being told about public key infrastructure","volume":"16","author":"Ellison C.","year":"2000","journal-title":"Computer Security Journal"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2002.1023787"},{"key":"e_1_3_2_1_8_1","unstructured":"P. Eckersley and J. Burns \"An observatory for the SSLiverse \" Talk at Defcon 18. July 2010 {last retrieved in May 2011}. {Online}. Available: https:\/\/www.eff.org\/files\/DefconSSLiverse.pdf  P. Eckersley and J. Burns \"An observatory for the SSLiverse \" Talk at Defcon 18. July 2010 {last retrieved in May 2011}. {Online}. Available: https:\/\/www.eff.org\/files\/DefconSSLiverse.pdf"},{"key":"e_1_3_2_1_9_1","unstructured":"P. Eckersley and J. Burns \"Is the SSLiverse a safe place?\" Talk at 27C3. Slides from https:\/\/www.eff.org\/files\/ccc2010.pdf {online; last retrieved in May 2011} 2010.  P. Eckersley and J. Burns \"Is the SSLiverse a safe place?\" Talk at 27C3. Slides from https:\/\/www.eff.org\/files\/ccc2010.pdf {online; last retrieved in May 2011} 2010."},{"key":"e_1_3_2_1_10_1","unstructured":"I. Ristic \"Internet SSL Survey 2010 \" Talk at BlackHat 2010. Slides from https:\/\/media.blackhat.com\/bh-us-10\/presentations\/Ristic\/BlackHat-USA-2010-Ristic-Qualys-SSL-Survey-HTTP-Rating-Guide-slides.pdf 2010 {online; last retrieved in May 2011}.  I. Ristic \"Internet SSL Survey 2010 \" Talk at BlackHat 2010. Slides from https:\/\/media.blackhat.com\/bh-us-10\/presentations\/Ristic\/BlackHat-USA-2010-Ristic-Qualys-SSL-Survey-HTTP-Rating-Guide-slides.pdf 2010 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_11_1","unstructured":"I. Ristic \"State of SSL \" Talk at InfoSec World 2011. Slides from http:\/\/blog.ivanristic.com\/Qualys_SSL_Labs-State_of_SSL_InfoSec_World_April_2011.pdf 2011 {online; last retrieved in May 2011}.  I. Ristic \"State of SSL \" Talk at InfoSec World 2011. Slides from http:\/\/blog.ivanristic.com\/Qualys_SSL_Labs-State_of_SSL_InfoSec_World_April_2011.pdf 2011 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_12_1","unstructured":"Alexa Internet Inc. \"Top 1 000 000 sites (updated daily) \" http:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip 2009--2011 {online; last retrieved in May 2011}.  Alexa Internet Inc. \"Top 1 000 000 sites (updated daily) \" http:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip 2009--2011 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298318"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644896"},{"key":"e_1_3_2_1_15_1","unstructured":"Data sets of active scans http:\/\/pki.net.in.tum.de 2011.  Data sets of active scans http:\/\/pki.net.in.tum.de 2011."},{"key":"e_1_3_2_1_16_1","unstructured":"A. Croll and S. Power Complete Web Monitoring.\\hskip 1em plus 0.5em minus 0.4em\\relax O'Reilly Media 2009.  A. Croll and S. Power Complete Web Monitoring.\\hskip 1em plus 0.5em minus 0.4em\\relax O'Reilly Media 2009."},{"key":"e_1_3_2_1_17_1","volume-title":"IEEE\/IFIP Network Operations and Management Symposium (NOMS)","author":"Braun L.","year":"2010"},{"key":"e_1_3_2_1_18_1","volume-title":"5th ACM SIGCOMM Conference on Internet Measurement (IMC 2005","author":"Kornexl S.","year":"2005"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879168"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879169"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"e_1_3_2_1_22_1","volume-title":"USENIX Security Symposium","author":"Dreger H.","year":"2006"},{"key":"e_1_3_2_1_23_1","unstructured":"Planet Lab \"Planet Lab web site \" https:\/\/www.planet-lab.org {online; last retrieved in May 2011}.  Planet Lab \"Planet Lab web site \" https:\/\/www.planet-lab.org {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_24_1","unstructured":"The International Grid Trust Federation \"IGTF web site \" http:\/\/www.igtf.net\/ {online; last retrieved in May 2011}.  The International Grid Trust Federation \"IGTF web site \" http:\/\/www.igtf.net\/ {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10623-008-9206-6"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"E. Rescorla \"HTTP over TLS \" RFC 2818 (Informational) 2000.   E. Rescorla \"HTTP over TLS \" RFC 2818 (Informational) 2000.","DOI":"10.17487\/rfc2818"},{"key":"e_1_3_2_1_27_1","unstructured":"CA\/Browser Forum \"EV SSL certificate guidelines version 1.3 \" http:\/\/www.cabforum.org\/Guidelines\\_v1\\_3.pdf 2010 {online; last retrieved in May 2011}.  CA\/Browser Forum \"EV SSL certificate guidelines version 1.3 \" http:\/\/www.cabforum.org\/Guidelines\\_v1\\_3.pdf 2010 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-72540-4_1"},{"key":"e_1_3_2_1_29_1","unstructured":"NIST \"Approved Algorithms \"http:\/\/csrc.nist.gov\/groups\/ST\/toolkit\/secure\\_hashing.html 2006 {online; last retrieved in May 2011}.  NIST \"Approved Algorithms \"http:\/\/csrc.nist.gov\/groups\/ST\/toolkit\/secure\\_hashing.html 2006 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_30_1","unstructured":"A. Sotirov M. Stevens J. Appelbaum A. Lenstra D. Molnar D. A. Osvik and B. de Weger \"MD5 considered harmful today \" http:\/\/dl.packetstormsecurity.net\/papers\/attack\/md5-considered-harmful.pdf 2008 {online; last retrieved in May 2011}.  A. Sotirov M. Stevens J. Appelbaum A. Lenstra D. Molnar D. A. Osvik and B. de Weger \"MD5 considered harmful today \" http:\/\/dl.packetstormsecurity.net\/papers\/attack\/md5-considered-harmful.pdf 2008 {online; last retrieved in May 2011}."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"crossref","unstructured":"T.\n       \n      Kleinjung K.\n       \n      Aoki J.\n       \n      Franke A.\n       \n      Lenstra E.\n       \n      Thom\u00e9 J.\n       \n      Bos P.\n       \n      Gaudry A.\n       \n      Kruppa P.\n       \n      Montgomery D.\n       \n      Osvik H.\n\n  \n   \n  te Riele A. Timofeev and P. Zimmermann \"Factorization of a 768-bit RSA modulus \" in Advances in Cryptology -- CRYPTO\n   \n  2010 ser. Lecture Notes in Computer Science\n  .\\hskip 1em plus 0.5em minus 0.4em\\relax \n  Springer Berlin \/ Heidelberg 2010 vol. \n  6223 pp. \n  333\n  --\n  350\n  .   T. Kleinjung K. Aoki J. Franke A. Lenstra E. Thom\u00e9 J. Bos P. Gaudry A. Kruppa P. Montgomery D. Osvik H. te Riele A. Timofeev and P. Zimmermann \"Factorization of a 768-bit RSA modulus \" in Advances in Cryptology -- CRYPTO 2010 ser. Lecture Notes in Computer Science.\\hskip 1em plus 0.5em minus 0.4em\\relax Springer Berlin \/ Heidelberg 2010 vol. 6223 pp. 333--350.","DOI":"10.1007\/978-3-642-14623-7_18"},{"key":"e_1_3_2_1_32_1","unstructured":"NIST \"Special publications (800 Series) \" http:\/\/csrc.nist.gov\/publications\/PubsSPs.html 2011 {online; last retrieved in May 2011}.  NIST \"Special publications (800 Series) \" http:\/\/csrc.nist.gov\/publications\/PubsSPs.html 2011 {online; last retrieved in May 2011}."}],"event":{"name":"IMC '11: Internet Measurement Conference","location":"Berlin Germany","acronym":"IMC '11","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2068816.2068856","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2068816.2068856","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:54:24Z","timestamp":1750240464000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2068816.2068856"}},"subtitle":["a thorough analysis of the x.509 PKI using active and passive measurements"],"short-title":[],"issued":{"date-parts":[[2011,11,2]]},"references-count":32,"alternative-id":["10.1145\/2068816.2068856","10.1145\/2068816"],"URL":"https:\/\/doi.org\/10.1145\/2068816.2068856","relation":{},"subject":[],"published":{"date-parts":[[2011,11,2]]},"assertion":[{"value":"2011-11-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}