Security issues with certificate authorities | IEEE Conference Publication | IEEE Xplore

Security issues with certificate authorities


Abstract:

The current state of the internet relies heavily on SSL/TLS and the certificate authority model. This model has systematic problems, both in its design as well as its imp...Show More

Abstract:

The current state of the internet relies heavily on SSL/TLS and the certificate authority model. This model has systematic problems, both in its design as well as its implementation. There are problems with certificate revocation, certificate authority governance, breaches, poor security practices, single points of failure and with root stores. This paper begins with a general introduction to SSL/TLS and a description of the role of certificates, certificate authorities and root stores in the current model. This paper will then explore problems with the current model and describe work being done to help mitigate these problems.
Date of Conference: 19-21 October 2017
Date Added to IEEE Xplore: 08 January 2018
ISBN Information:
Conference Location: New York, NY, USA

References

References is not available for this document.