The publication "In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements" has received the Best Paper Award at the Passive and Active Measurement Conference (PAM'18).
The publication evaluates the security of certificates in Certificate Transparency (CT) logs. The team downloads 600 million certificate entries from 30 different CT logs and evaluates their compliance with the industry's Baseline Requirements. The Baseline Requirements define standards for HTTPS certificates and issuing processes, such as minimum key lengths or maximum duration of certificates. Additionally, the authors perform active HTTPS measurements and compare CT logs to actual deployment spanning from 2009 to 2017. Moreover, the team analyzes inclusion of non-HTTPS certificates and CT logs and provides a CT-extended IPv6 hitlist for public download.