Abstract

Pouyan Fotouhi Tehrani, Eric Osterweil, Thomas C. Schmidt, Matthias Wählisch,
How to Measure TLS, X.509 Certificates, and Web PKI: A Tutorial and Brief Survey,
Technical Report, No. 2401.18053, Open Archive: arXiv.org, January 2024.
[pdf][BibTeX][Abstract]

Abstract: Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We introduce common data sources and tools, and systematically describe necessary steps to conduct sound measurements and data analysis. By surveying prior TLS measurement studies we find that diverging results are rather rooted in different setups instead of different deployments. To improve the situation, we identify common pitfalls and introduce a framework to describe TLS and Web PKI measurements. Where necessary, our insights are bolstered by a data-driven approach, in which we complement arguments by additional measurements.

Themes: Internet Measurement and Analysis , Network Security

 


This page generated by bibTOhtml on Wed 29 May 2024 12:05:05 AM UTC