Tracking adoption of revocation and cryptographic features in X.509 certificates

SSL certificates hold immense importance when it comes to the security of the WebPKI. The trust in these certificates is driven by the strength of their cryptographic attributes and the presence of revocation features. In this paper, we perform a historical measurement study of cryptographic strength and the adoption of revocation mechanisms in the X.509 SSL certificates. In particular, it provides a real-world picture of the adoption of new certificate features and pushing new changes to the WebPKI ecosystem. We analyze the features like Online Certificate Status Protocol (OCSP) Stapling, RSA public key collisions, and the strength of certificate serial numbers. We observe the improvement in the adoption and reliability of these features for 2011–2020. Our analysis helps in identifying weaknesses and negligence in certificate issuance practices of Certificate Authorities such as lack of revocation, weak serial numbers, and issuance of the same public key across different certificates for different entities on the web known as the public key collision problem. Our results show that there is an overall increase of up to 97% in the adoption of OCSP-Stapling and OCSP extensions. Along with this, there are also significant improvements in the certificate serial number length with the top 6 CAs in our dataset issuing the majority of certificates with serial byte count greater than 30. We also discovered 803 public key collision sets in our dataset. To distinguish public key collisions, we provide a working criterion to distinguish permissible, safe collisions from unsafe, risky ones. Analysis of these features holds immense importance as weakness in any of these features could allow an adversary to forge certificate(s) and conduct several attacks examples of which include Flame malware, breach of the DigiNotar and Comodo certificate authorities.