Measuring the Latency and Pervasiveness of TLS Certificate Revocation

Conference paper. In: Passive and Active Measurement (PAM 2016). Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 9631).

Abstract

Today, Transport-Layer Security (TLS) is the bedrock of Internet security for the web and web-derived applications. TLS depends on the X.509 Public Key Infrastructure (PKI) to authenticate endpoint identity. An essential part of a PKI is the ability to quickly revoke certificates, for example, after a key compromise. Today the Online Certificate Status Protocol (OCSP) is the most common way to quickly distribute revocation information. However, prior and current concerns about OCSP latency and privacy raise questions about its use. We examine OCSP using passive network monitoring of live traffic at the Internet uplink of a large research university and verify the results using active scans. Our measurements show that the median latency of OCSP queries is quite good: only 20 ms today, much less than the 291 ms observed in 2012. This improvement is because content delivery networks (CDNs) serve most OCSP traffic today; our measurements show 94% of queries are served by CDNs. We also show that OCSP use is ubiquitous today: it is used by all popular web browsers, as well as important non-web applications such as MS-Windows code signing.
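As an added example (this is not code from the paper, nor from any tool it cites), the OCSP exchange the abstract measures can be reproduced offline with the openssl CLI: a throwaway CA signs a leaf certificate, the client builds the same kind of request a browser would send to the responder URL in the certificate, and a responder driven by an index file answers it with a signed response that the client then verifies. The only assumption is that `openssl` (1.1.1 or 3.x) is on the PATH; the CA name, the hostname www.example.test, the serial 0x1001 and the function names are invented for the example. The request carries no nonce, which is the choice browsers make so that CDN edge caches, the source of the low median latency the abstract reports, can serve a stored response to every client asking about the same certificate.

```shell
#!/bin/sh
# Added example, not from the paper: an offline OCSP round trip with openssl.
# Assumes only the openssl CLI; every name and serial below is made up.
set -eu

WORK="${WORK:-$(mktemp -d)}"

# Build a throwaway CA and one leaf certificate with serial 0x1001,
# then the client-side request for that leaf (what a browser POSTs).
setup_pki() {
  (
    cd "$WORK"
    openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
      -subj "/CN=Example Test CA" -days 30 >/dev/null 2>&1
    openssl req -new -newkey rsa:2048 -nodes -keyout leaf.key -out leaf.csr \
      -subj "/CN=www.example.test" >/dev/null 2>&1
    openssl x509 -req -in leaf.csr -CA ca.pem -CAkey ca.key -set_serial 0x1001 \
      -days 30 -out leaf.pem >/dev/null 2>&1
    # -no_nonce: a nonce-free request is what makes the response cacheable
    # by a CDN; with a nonce every query would have to reach the CA.
    openssl ocsp -issuer ca.pem -cert leaf.pem -no_nonce -reqout req.der \
      >/dev/null 2>&1
  )
}

# Answer req.der from a CA index whose content we choose ($1 = good, revoked
# or unknown), then verify the response as a client and print the status seen.
# Index columns (openssl "ca" format): status, expiry, revocation[,reason],
# serial (uppercase hex, even length), filename, subject DN.
ocsp_status() {
  (
    cd "$WORK"
    case "$1" in
      good)    printf 'V\t300101000000Z\t\t1001\tunknown\t/CN=www.example.test\n' > index.txt ;;
      revoked) printf 'R\t300101000000Z\t250601000000Z,keyCompromise\t1001\tunknown\t/CN=www.example.test\n' > index.txt ;;
      unknown) printf 'V\t300101000000Z\t\t1002\tunknown\t/CN=other.example.test\n' > index.txt ;;
      *) echo "usage: ocsp_status good|revoked|unknown" >&2; exit 2 ;;
    esac
    # Responder side: look the serial up in the index and sign the answer
    # with the CA key itself (a CA-signed responder, no delegated cert).
    openssl ocsp -index index.txt -CA ca.pem -rsigner ca.pem -rkey ca.key \
      -reqin req.der -respout resp.der >/dev/null 2>&1
    # Client side: check the signature and chain against the trust store,
    # then report the single status line for leaf.pem.
    openssl ocsp -issuer ca.pem -cert leaf.pem -no_nonce -respin resp.der \
      -CAfile ca.pem 2>/dev/null | sed -n 's/^leaf\.pem: //p'
  )
}

setup_pki
for s in good revoked unknown; do
  printf 'index says %-8s -> client sees: %s\n' "$s" "$(ocsp_status "$s")"
done
```

The "unknown" case is the one worth noticing in practice: a responder that has never heard of the serial (here because the index only lists 0x1002) returns neither good nor revoked, and a client that soft-fails on OCSP will treat that exactly like a timeout and proceed with the connection.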

Acknowledgments

This work was supported by the National Science Foundation (NSF) under grant numbers CNS-1528156 and ACI-1348077, by the Department of Homeland Security (DHS) Science and Technology Directorate, HSARPA, Cyber Security Division, via SPAWAR Systems Center Pacific (contract N66001-13-C-3001), and via BAA 11-01-RIKA and Air Force Research Laboratory, Information Directorate (agreements FA8750-12-2-0344 and FA8750-15-2-0224). The U.S. Government is authorized to make reprints for governmental purposes notwithstanding any copyright. The views contained herein are those of the authors and do not necessarily represent those of NSF, DHS or the U.S. Government.

Corresponding author: Liang Zhu

Copyright information

© 2016 Springer International Publishing Switzerland

Cite this paper

Zhu, L., Amann, J., Heidemann, J. (2016). Measuring the Latency and Pervasiveness of TLS Certificate Revocation. In: Karagiannis, T., Dimitropoulos, X. (eds) Passive and Active Measurement. PAM 2016. Lecture Notes in Computer Science, vol 9631. Springer, Cham. https://doi.org/10.1007/978-3-319-30505-9_2

  • DOI: https://doi.org/10.1007/978-3-319-30505-9_2
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-30504-2
  • Online ISBN: 978-3-319-30505-9
  • eBook Packages: Computer Science, Computer Science (R0)