{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T18:36:17Z","timestamp":1773254177036,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,11,3]],"date-time":"2014-11-03T00:00:00Z","timestamp":1414972800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS-1118046"],"award-info":[{"award-number":["CNS-1118046"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS-1254198"],"award-info":[{"award-number":["CNS-1254198"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,11,3]]},"DOI":"10.1145\/2660267.2660338","type":"proceedings-article","created":{"date-parts":[[2014,11,11]],"date-time":"2014-11-11T13:40:05Z","timestamp":1415713205000},"page":"394-405","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":29,"title":["Securing SSL Certificate Verification through Dynamic Linking"],"prefix":"10.1145","author":[{"given":"Adam","family":"Bates","sequence":"first","affiliation":[{"name":"University of Florida, Gainesville, FL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Joe","family":"Pletcher","sequence":"additional","affiliation":[{"name":"University of Oregon, Eugene, OR, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tyler","family":"Nichols","sequence":"additional","affiliation":[{"name":"University of Oregon, Eugene, OR, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Braden","family":"Hollembaek","sequence":"additional","affiliation":[{"name":"iSEC Partners, Seattle, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dave","family":"Tian","sequence":"additional","affiliation":[{"name":"University of Florida, Gainesville, FL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kevin R.B.","family":"Butler","sequence":"additional","affiliation":[{"name":"University of Florida, Gainesville, FL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abdulrahman","family":"Alkhelaifi","sequence":"additional","affiliation":[{"name":"University of Oregon, Eugene, OR, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,11,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"libconfig - c\/c++ configuration file library. Available:http:\/\/www.hyperrealm.com\/libconfig\/.  libconfig - c\/c++ configuration file library. Available:http:\/\/www.hyperrealm.com\/libconfig\/."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488395"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2009.5202224"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523665"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Arkko J. and \n      \n      \n      Nikander P\n      \n  \n  . \n  Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties\n  . In Security Protocols B. Christianson B. Crispo J. Malcolm and M. Roe Eds. vol. \n  2845\n   of \n  Lecture Notes in Computer Science\n  . \n  Springer Berlin Heidelberg 2004 pp. \n  5\n  --\n  19\n  .  Arkko J. and Nikander P. Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties. In Security Protocols B. Christianson B. Crispo J. Malcolm and M. Roe Eds. vol. 2845 of Lecture Notes in Computer Science. Springer Berlin Heidelberg 2004 pp. 5--19.","DOI":"10.1007\/978-3-540-39871-4_3"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2024569.2024572"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.15"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1177\/109434200001400404"},{"key":"e_1_3_2_1_9_1","unstructured":"Carly R. Internet Security provider Comodo's CEO Named \"Entrepreneur of the Year\" by Info Security Products Guide. Available: http:\/\/www.comodo.com\/news\/press_releases\/2011\/02\/comodo-CEO-entrepreneur-of-the-Year-infosecurity-global-excellence-award.html February 2011.  Carly R. Internet Security provider Comodo's CEO Named \"Entrepreneur of the Year\" by Info Security Products Guide. Available: http:\/\/www.comodo.com\/news\/press_releases\/2011\/02\/comodo-CEO-entrepreneur-of-the-Year-infosecurity-global-excellence-award.html February 2011."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.41"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Conti M. Dragoni N. and \n      \n      \n      Gottardo S\n      \n  \n  . \n  MITHYS: Mind The Hand You Shake - Protecting Mobile Devices from SSL Usage Vulnerabilities\n  . In Security and Trust Management R. Accorsi and S. Ranise Eds. vol. \n  8203\n   of \n  Lecture Notes in Computer Science\n  . \n  Springer Berlin Heidelberg 2013 pp. \n  65\n  --\n  81\n  .  Conti M. Dragoni N. and Gottardo S. MITHYS: Mind The Hand You Shake - Protecting Mobile Devices from SSL Usage Vulnerabilities. In Security and Trust Management R. Accorsi and S. Ranise Eds. vol. 8203 of Lecture Notes in Computer Science. Springer Berlin Heidelberg 2013 pp. 65--81.","DOI":"10.1007\/978-3-642-41098-7_5"},{"key":"e_1_3_2_1_12_1","unstructured":"Ducklin P. The TURKTRUST SSL Certificate Fiasco { What Really Happened and What Happens Next? Available: http:\/\/nakedsecurity.sophos.com\/2013\/01\/08\/Available: the-turktrust-ssl-certificate-fiasco-what-happened-and-what-happens-next\/ January 2013.  Ducklin P. The TURKTRUST SSL Certificate Fiasco { What Really Happened and What Happens Next? Available: http:\/\/nakedsecurity.sophos.com\/2013\/01\/08\/Available: the-turktrust-ssl-certificate-fiasco-what-happened-and-what-happens-next\/ January 2013."},{"key":"e_1_3_2_1_13_1","unstructured":"Eastlake D. etal Transport Layer Security (TLS) Extensions: Extension Definitions.  Eastlake D. et al. Transport Layer Security (TLS) Extensions: Extension Definitions."},{"key":"e_1_3_2_1_14_1","unstructured":"Eckersley P. Sovereign Key Cryptography for Internet Domains 2011.  Eckersley P. Sovereign Key Cryptography for Internet Domains 2011."},{"key":"e_1_3_2_1_15_1","unstructured":"Edge J. Mozilla and CNNIC. Available: http:\/\/lwn.net\/Articles\/372386\/ February 2010.  Edge J. Mozilla and CNNIC. Available: http:\/\/lwn.net\/Articles\/372386\/ February 2010."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382205"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516655"},{"key":"e_1_3_2_1_18_1","unstructured":"Fisher D. Microsoft Revokes Trust in Five Diginotar Root Certs. Wired. Available: http:\/\/threatpost.com\/microsoft-revokes-trust-five-diginotar-root-certs-mozilla-drops-trust-staat-der-nederland-cert September 2011.  Fisher D. Microsoft Revokes Trust in Five Diginotar Root Certs. Wired. Available: http:\/\/threatpost.com\/microsoft-revokes-trust-five-diginotar-root-certs-mozilla-drops-trust-staat-der-nederland-cert September 2011."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"e_1_3_2_1_20_1","unstructured":"Gibbs S. Heartbleed Bug: What Do You Actually Need to do to Stay Secure? Available: http:\/\/www.theguardian.com\/technology\/2014\/apr\/10\/heartbleed-bug-everything-you-need-to-know-to-stay-secure.  Gibbs S. Heartbleed Bug: What Do You Actually Need to do to Stay Secure? Available: http:\/\/www.theguardian.com\/technology\/2014\/apr\/10\/heartbleed-bug-everything-you-need-to-know-to-stay-secure."},{"key":"e_1_3_2_1_21_1","unstructured":"Grigg I. VeriSign's Conflict of Interest Creates New Threat. Financial Cryptography 1 (September 2004).  Grigg I. VeriSign's Conflict of Interest Creates New Threat. Financial Cryptography 1 (September 2004)."},{"key":"e_1_3_2_1_22_1","first-page":"501","author":"Hickman K.","year":"1995","journal-title":"The SSL Protocol. Netscape Communications Corp"},{"key":"e_1_3_2_1_23_1","volume-title":"August, 2012.","author":"Hoffman P."},{"key":"e_1_3_2_1_24_1","unstructured":"Huang L.-S. Rice A. Ellingsen E. and Jackson C. Analyzing Forged SSL Certificates in the Wild.  Huang L.-S. Rice A. Ellingsen E. and Jackson C. Analyzing Forged SSL Certificates in the Wild."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISPASS.2010.5452024"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Laurie B. Langley A. and Kasper E. Certificate Transparency. Available: ietf. org-Certificate Transparency (06.01. 2013) (2013).  Laurie B. Langley A. and Kasper E. Certificate Transparency. Available: ietf. org-Certificate Transparency (06.01. 2013) (2013).","DOI":"10.17487\/rfc6962"},{"key":"e_1_3_2_1_27_1","unstructured":"Liang J. Jiang J. Duan H. Li K. Wan T. and Wu J. When HTTPS Meets CDN: A Case of Authentication in Delegated Service.  Liang J. Jiang J. Duan H. Li K. Wan T. and Wu J. When HTTPS Meets CDN: A Case of Authentication in Delegated Service."},{"key":"e_1_3_2_1_28_1","unstructured":"Marlinspike M. More tricks for defeating SSL in practice. Black Hat USA (2009).  Marlinspike M. More tricks for defeating SSL in practice. Black Hat USA (2009)."},{"key":"e_1_3_2_1_29_1","unstructured":"Marlinspike M. New tricks for defeating SSL in practice. BlackHat DC (Feb. 2009).  Marlinspike M. New tricks for defeating SSL in practice. BlackHat DC (Feb. 2009)."},{"key":"e_1_3_2_1_30_1","unstructured":"Marlinspike M. SSL and the Future of Authenticity. Black Hat USA (2011).  Marlinspike M. SSL and the Future of Authenticity. Black Hat USA (2011)."},{"key":"e_1_3_2_1_31_1","unstructured":"Marlinspike M. Trust Assertions for Certificate Keys.  Marlinspike M. Trust Assertions for Certificate Keys."},{"key":"e_1_3_2_1_32_1","unstructured":"Mills E. Comodo: Web Attack Broader Than Initially Thought. CNET. Available: http:\/\/news.cnet.com\/8301--27080_3--20048831--245. html?part=rss&tag=feed&subj=InSecurityComplex March 2011.  Mills E. Comodo: Web Attack Broader Than Initially Thought. CNET. Available: http:\/\/news.cnet.com\/8301--27080_3--20048831--245. html?part=rss&tag=feed&subj=InSecurityComplex March 2011."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1007\/BFb0055480","volume-title":"Financial Cryptography","author":"Myers M.","year":"1998"},{"key":"e_1_3_2_1_34_1","unstructured":"Pennarun A. Allombert B. and Reinholdtsen P. Ubuntu Popularity Contest. Available: http:\/\/popcon.ubuntu.com\/.  Pennarun A. Allombert B. and Reinholdtsen P. Ubuntu Popularity Contest. Available: http:\/\/popcon.ubuntu.com\/."},{"key":"e_1_3_2_1_35_1","unstructured":"Pieter Lexis. SWEDE - A Tool To Create and Verify TLSA (DANE) Records. Available: https:\/\/github.com\/pieterlexis\/swede.  Pieter Lexis. SWEDE - A Tool To Create and Verify TLSA (DANE) Records. Available: https:\/\/github.com\/pieterlexis\/swede."},{"key":"e_1_3_2_1_36_1","first-page":"231","volume-title":"Preventing Privilege Escalation. In Proceedings of the 12th USENIX Security Symposium","author":"Provos N.","year":"2003"},{"key":"e_1_3_2_1_37_1","unstructured":"Psyced.org. Certificate Patrol. Available: http:\/\/patrol.psyced.org\/.  Psyced.org. Certificate Patrol. Available: http:\/\/patrol.psyced.org\/."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/647502.728327"},{"key":"e_1_3_2_1_39_1","unstructured":"Sandvik R. Security Vulnerability Found in Cyberoam DPI Devices (CVE-2012--3372). Available: https:\/\/blog.torproject.org\/blog\/security- vulnerability-found-cyberoam-dpi-devices-cve- 2012--3372 July 2012.  Sandvik R. Security Vulnerability Found in Cyberoam DPI Devices (CVE-2012--3372). Available: https:\/\/blog.torproject.org\/blog\/security- vulnerability-found-cyberoam-dpi-devices-cve- 2012--3372 July 2012."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2007.4455018"},{"key":"e_1_3_2_1_41_1","unstructured":"Singel R. Law Enforcement Appliance Subverts SSL. Available: http:\/\/www.wired.com\/threatlevel\/ 2010\/03\/packet-forensics March 2010.  Singel R. Law Enforcement Appliance Subverts SSL. Available: http:\/\/www.wired.com\/threatlevel\/ 2010\/03\/packet-forensics March 2010."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-27576-0_20"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23205"},{"key":"e_1_3_2_1_44_1","unstructured":"SPARTA Inc. DNSSECTools: DNSSEC Software Libraries and Tools. Available: http:\/\/www.dnssec-tools.org\/.  SPARTA Inc. DNSSECTools: DNSSEC Software Libraries and Tools. Available: http:\/\/www.dnssec-tools.org\/."},{"key":"e_1_3_2_1_45_1","first-page":"79","author":"Vratonjic N.","year":"2013","journal-title":"Ed. Springer New York"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the 19th USENIX Security Symposium","author":"Watson R.","year":"2010"},{"key":"e_1_3_2_1_47_1","first-page":"321","volume-title":"Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In USENIX 2008 Annual Technical Conference (Boston, MA, 2008), ATC'08","author":"Wendlandt D."}],"event":{"name":"CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security","location":"Scottsdale Arizona USA","acronym":"CCS'14","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660267.2660338","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2660267.2660338","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:56:10Z","timestamp":1750229770000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660267.2660338"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,11,3]]},"references-count":47,"alternative-id":["10.1145\/2660267.2660338","10.1145\/2660267"],"URL":"https:\/\/doi.org\/10.1145\/2660267.2660338","relation":{},"subject":[],"published":{"date-parts":[[2014,11,3]]},"assertion":[{"value":"2014-11-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}