| Publisher DOI: | 10.1109/MSEC.2025.3531232 | Title: | A call to reconsider certification authority authorization | Language: | English | Authors: | Tehrani, Pouyan Fotouhi Hiesgen, Raphael Schmidt, Thomas C.  Wählisch, Matthias |
Keywords: | Domain Name System; Certification; Security; Semantics; Prevention and mitigation; Threat modeling; Authentication; Syntactics; Authorization; Web servers | Issue Date: | 12-Feb-2025 | Publisher: | IEEE | Journal or Series Name: | IEEE security & privacy | Volume: | :tba | Issue: | :tba | Startpage: | :tba | Endpage: | :tba | Abstract: | Certification Authority Authentication (CAA) is a safeguard against illegitimate certificate issuance. We show how shortcomings in CAA concepts and operational aspects undermine its effectiveness in preventing certificate misissuance. Our discussion reveals pitfalls and highlights best practices when designing security protocols based on the Domain Name System. |
URI: | https://hdl.handle.net/20.500.12738/18006 | ISSN: | 1558-4046 | Review status: | This version was peer reviewed (peer review) | Institute: | Department Informatik Fakultät Technik und Informatik |
Type: | Article |
| Appears in Collections: | Publications without full text |
Show full item record
Add Files to Item
Note about this record
Export
Items in REPOSIT are protected by copyright, with all rights reserved, unless otherwise indicated.