论文信息 - The need of European White Knights for the TLS/SSL Certificate System

The need of European White Knights for the TLS/SSL Certificate System

Certificate Transparency ([16]), an open framework promoted by Google Inc. for monitoring and auditing SSL / TLS certificates, has a massive impact on the trust model of the internet ecosystem. As of March 2015, the implementation of this framework is required by the Internet browser Chrome for all Extended Validation Certificates (EVC-SSL). In this paper, the concepts and the structure of Certificate Transparency are explained and the impact on the existing players in the SSL / TLS ecosystem are discussed.

Arno Fiedler | Christoph Thiel

[1] Ben Laurie. Certificate Transparency , 2014, ACM Queue.

[2] Claudia Eckert,et al. IT Sicherheit : Konzepte, Verfahren, Protokolle , 2007 .

[3] Paul E. Hoffman,et al. The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA , 2012, RFC.

[4] Daniel J. Barrett,et al. Ssh, the secure shell: the definitive guide, second edition , 2005 .

[5] J. Ball,et al. Revealed: How US and UK Spy Agencies Defeat Internet Privacy and Security , 2013 .

[6] Eric Rescorla,et al. SSL and TLS: Designing and Building Secure Systems , 2000 .

[7] Alfredo Pironti,et al. Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS , 2014, 2014 IEEE Symposium on Security and Privacy.