Can a TLS Certificate Be Phishy?

Kaspar Hageman1, Egon Kidmose1, Rene´ Rydhof Hansen2 and Jens Myrup Pedersen1 1Department of Electronic System, Aalborg University, Denmark 2Department of Computer Science, Aalborg University, Denmark

Keywords: Phishing, Digital Certificate, Certificate Transparency, TLS.

Abstract: This paper investigates the potential of using digital certificates for the detection of phishing domains. This is motivated by phishing domains that have started to abuse the (erroneous) trust of the public in browser padlock symbols, and by the large-scale adoption of the Certificate Transparency (CT) framework. This publicly accessible evidence trail of Transport Layer Security (TLS) certificates has made the TLS landscape more transparent than ever. By comparing samples of phishing, popular benign, and non-popular benign domains, we provide insight into the TLS certificates issuance behavior for phishing domains, focusing on the selection of the certificate authority, the validation level of the certificates, and the phenomenon of certificate sharing among phishing domains. Our results show that phishing domains gravitate to a relatively small selection of certificate authorities, and disproportionally to cPanel, and tend to rely on certificates with a low, and cheap, validation level. Additionally, we demonstrate that the vast majority of certificates issued for phishing domains cover more than only phishing domains. These results suggest that a more pro-active role of CAs and putting more emphasis on certificate revocation can have a crucial impact in the defense against phishing attacks.

1 INTRODUCTION web browsers and web servers. It raises the research question on whether TLS certificates can be labeled as Decades after its inception in the ’90s, phishing re- ‘phishy’ or benign in the same manner URLs and do- mains a significant problem. This scalable form of mains have historically been given these labels, ulti- criminal activity can be characterized by the use of mately preventing Internet users from interacting with deception in which impersonation is used to obtain websites serving these certificates. The recent large- information from a target (Lastdrager, 2014). The scale adoption of two technologies has resulted in a Anti-Phishing Working Group (APWG) still reports trail of certificates, which potentially can be used for the discovery of tens of thousands of phishing sites an alternative detection method of phishing attacks: monthly (Anti-Phishing Working Group, 2021). This • HTTPS, i.e., HTTP over Transport Layer Secu- indicates that phishing is far from a solved problem, rity, by phishing websites, for encrypting traffic and that there remains a need for novel and improved between the browser and web server detection, prevention and mitigation methods. • The submission of newly-issued TLS certificates A significant effort, from both an academic and to Certificate Transparency (CT) logs by certifi- commercial perspective, has been made towards the cate authorities detection and identification of phishing entities, such Certificate Transparency has been developed for third as URLs, emails, websites and domains. Existing ap- parties to monitor the logs for fraudulently issued cer- proaches are in many cases based on identifying sim- tificates, resulting in TLS certificates being inserted ilarities between suspicious entities and known legit- in these logs in near real-time and additionally on a imate ones, as criminals conducting phishing attacks global scale. Furthermore, the issuance of certificates (referred to as phishers) often attempt to deceive vic- is assumed to occur early in the lifecycle of a do- tims into believing they are interacting with a legiti- main, and thereby also of the phishing attack. Prior mate system. However, entities that so far ha not re- research has identified a general short domain lifetime ceived a similar degree of scrutiny are digital certifi- and disposable nature of phishing domains, which we cates. Such certificates are used in establishing a se- hypothesize to be reflected in the CT log artifacts we cure communication channel between (among others) can observe:

38

Hageman, K., Kidmose, E., Hansen, R. and Pedersen, J. Can a TLS Certificate Be Phishy?. DOI: 10.5220/0010516600380049 In Proceedings of the 18th International Conference on Security and Cryptography (SECRYPT 2021), pages 38-49 ISBN: 978-989-758-524-1 Copyright c 2021 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved

Can a TLS Certificate Be Phishy?

1. The selected certificate authority that phishing 2 BACKGROUND domains resort to for issuing their certificates are expected to be cheap and certificate issuance is ex- Transport Layer Security (TLS) — like its predeces- pected to be automated. In addition, an analysis of sor SSL — is the underlying protocol suite for en- CA selection may reveal certain patterns related to crypting communication on the Internet. The secure the phishing hosting infrastructure of phishers. communication it provides is facilitated by a public 2. The validation level of certificates is a proxy for key infrastructure, in which the identity of an entity the monetary cost that phishers invest into increas- (such as a domain name) is bound to a cryptographic ing the perceived legitimacy of phishing websites. public key. The proof of such a binding is stored and 3. Phishing attacks may be part of a larger campaign, distributed in the form of an X.509 certificate, and and the preparation of those attacks may be coor- consists of the identities, the public key and a cryp- dinated. It is hypothesized that this is reflected in tographic signature that allows a web browser to ver- certificates covering more than one phishing do- ify the identity of the web server it is initiating a TLS main, which in practice would simplify the host- connection with. The process of issuing certificates ing infrastructure of the phishing attack. is handled by one of the hundreds of certificate au- In this work, we test these hypotheses by analyz- thorities (CAs), which are inherently-trusted, third- ing a large collection of TLS certificates, hinting to- party organizations. The X.509 certificate standard wards the ‘phishiness’ of the certificates. The results supports the binding with multiple identities (Cooper serve as a preliminary motivation for pursuing a CT- et al., 2008), and these identities are referred to as based phishing mitigation system. It is namely impor- Subject Alternative Names (SANs). This allows an tant that phishing domains and non-phishing domains organization to request a single certificate for multiple handle their infrastructure significantly different from domains (or other entity types such as IP addresses), a TLS perspective, in order to rely on them for such thereby reducing the number of certificates required as mitigation system. to secure web traffic towards their infrastructure. Prior to testing these hypotheses, we used our col- An applicant applies for a certificate at a CA with lected data to show that for the majority of phishing information about the to-be-created certificate, such domains, a certificate is issued before the domain gets as the SANs to cover, the validation level of the cer- blacklisted, which emphasizes the relevancy of a CT tificate, and the period for which the certificate is log-based protection system. Our main findings are valid. The CAs are tasked to verify that the requester as follows: of a certificate does in fact own all entities that the • Phishers resort to a relatively small set of CAs for certificate is about to cover. This verification can be their certificate issuance, and the issuer of certifi- done via a variety of methods depending on the CA, cates reveals information regarding the infrastruc- including email verification, an HTTP endpoint, or ture on which services for domains are served, more thorough background checks. After an appli- as illustrated by a significant number of cPanel cant proves ownership of all SANs, the CA issues a servers for phishing domains. certificate, signed by their own root (or intermediate) • Phishers seldom resort to the more expensive EV certificate. certificates, and rarely to OV certificates, although Each certificate has a validation level associated these results apply to non-popular domains as with it, indicating the depth - and therefore also the well. cost - of the verification process the CA and requester • Certificates rarely cover only phishing certificates, went through to get the certificate issued. Domain but a large fraction of certificates issued for phish- validated (DV) certificates require the least validation, ing domains cover other domains as well. followed by organization validated (OV) certificates The remainder of the paper is structured as follows. and lastly extended validated (EV) certificates. The We present the context of the paper in the background latter validation type is reserved for corporations and and related work in Sections 2 and 3. This is followed recognized entities, and requires an in-depth back- by a description of the methodology and the results in ground check. The benefit of these more expensive Sections 4 and 5. The overall impact of the results is OV and EV certificates used to be a different indica- discussed in Section 6. tor in the browser, although most browsers are mov- ing towards removing these differences1, as different indicators have proven to be ineffective (Thompson et al., 2019).

1https://blog.chromium.org/2018/05/evolving-chromes- security-indicators.html

39 SECRYPT 2021 - 18th International Conference on Security and Cryptography

In addition to the validation level and SANs to be Apple (an estimated 82.3% as of February 20215), covered in the domain, an applicant must declare the this has resulted in the large-scale adoption of the duration of the validity period of the certificate. As a CT framework. Combined with a generally increased security mechanism, certificates expire after a times- adoption of HTTPS (an estimated 84% for phishing pan after which a certificate cannot successfully be URLs (Anti-Phishing Working Group, 2021)), this verified and TLS connections must be rejected. Typi- makes the CT logs a promising data source for phish- cally, this period lies between a few months and cou- ing detection. ple of years, and since 2020, the CA/Browser Base- line Requirements restricts the validity period to a maximum of 13 months (CA/Browser Forum, 2020). 3 RELATED WORK This period prevents certificates from being abused for long periods of time, in case the private key of the cryptographic key pair of the certificate owner is Scheitle et al. (Scheitle et al., 2018) recognized the compromised. potential of CT logs for phishing detection based on a preliminary experiment, focusing primarily on 2.1 Certificate Transparency typosquatting domains, the practice of registering domains looking similar to other domains in or- der to create confusion. More recently, Fasllija et Fraudulent issuance of a certificate — regardless of al. (Fasllija et al., 2019) explored this idea further its malicious intent — can have a disastrous impact, by implementing and evaluating a classifier based as demonstrated by two incidents in 2011. Attack- on the certificates contained in the CT logs. Simi- ers were able to obtain certificates for domains in- larly, Sakurai et al. (Sakurai et al., 2020) built domain google.com microsoft.com cluding and , allowing name templates and match newly issued certificates them to perform large-scale man-in-the-middle at- against these templates to identify new phishing do- tacks (Prins, 2011). The reputation damage eventu- mains. Commercial initiatives such as CertSpotter6, ally resulted in the bankruptcy of one of the CAs. PhishFinder7, and Facebook8 started to provide pro- As a direct response to these incidents, the Certifi- tection services that alert domain owners whenever a cate Transparency project was initiated with the goal certificate for their domains is submitted to a CT log. of monitoring and auditing the certificate issuance of These initiatives primarily rely on the lexical prop- CAs. The project encourages CAs to submit every erties of the domains and do not explore the TLS- issued certificate to publicly accessible, append-only specific information contained in the logs. CT ‘logs’. These CT logs can be run by third-party Alternative early detection systems for domain organizations and, due to their public availability, al- abuse have been proposed in prior research. The low anyone to monitor for fraudulent issuance of cer- works of Hao et al. (Hao et al., 2013; Hao et al., tificates for their domains. As of February 2021, 2016) resulted in PREDATOR, a proactive detec- Chrome’s CT policy recognizes more than a hundred tion system of spamming domains. The Dutch reg- logs being operated by 21 different organizations, and istry, SIDN, uses nDEWS (Moura et al., 2016) as they contain over 12 billion issued certificates2. an early detection system for various types of do- After submitting a certificate to a CT log, a CA main abuse, operating at the level of a top-level do- obtains a Signed Certificate Timestamp (SCT), which main. Lever et al. (Lever et al., 2016) detect do- acts as a proof from the log operator that the certifi- main ownership changes for identifying malicious re- cate is, or will soon be, appended to the log. This registrations. These systems primarily rely on the SCT is embedded in the certificate, which can be DNS for their data, and could potentially be combined used during the TLS handshake between a browser, with CT log data analysis for better performances. and a web server to verify the inclusion of the cer- tificate in the logs. As of April 2018, Chrome has The CT logs have been used as a source data started to require any certificate to comply with its set for other application areas besides phishing do- CT policy, effectively requiring all certificates to be main detection. Manousis et al. (Manousis et al., Let’s Encrypt logged in at least two CT logs3. A similar policy was 2016) analyse the impact of on the TLS introduced by Apple in October 20184. Due to the ecosystem, finding early evidence for the adoption of large combined browser market share of Google and typosquatters and malware hosters. Similarly, Aer-

2https://www.certificate-transparency.org/known-logs 5https://www.w3counter.com/globalstats.php 3https://github.com/chromium/ct-policy/blob/master/ 6https://sslmate.com/certspotter/ ct policy.md 7https://phishfinder.io/ 4https://support.apple.com/en-us/HT205280 8https://developers.facebook.com/tools/ct

40 Can a TLS Certificate Be Phishy?

sten et al. (Aertsen et al., 2017) identify that in the first Domains Google year of Let’s Encrypt’s introduction, primarily low- Tranco Phishing cost domains started to resort to Let’s Encrypt as their BigQuery Popular, Certificate CA. VanderSloot et al. (VanderSloot et al., 2016) in- .com zone vestigated the coverage of the entire TLS ecosystem benign retrieval

Domain sampling Non-popular, from various viewpoints (in terms of observed certifi- ECX Analysis cates). They identified that CT logs at the time already benign captured over 90% of all certificates, which since then Figure 1: The process of retrieving the three samples of do- presumably has only increased further. mains and their associated certificates. The grey boxes rep- Prior research has relied on alternative certificate- resent the source data sets, the green boxes represent three related datasets. These datasets were often collected domain types and the red boxes represent the actions per- formed by the authors. D = set of domains, U = set of URLs, by either actively probing TLS servers (i.e.active mea- C = set of certificates. surements) or monitoring network traffic for TLS handshakes (i.e.passive measurements). Active mea- the domain is registered by its owners10. Certificates surements allow researchers to not only capture the issued for domains under this root domain are gen- certificate, but also parameters exchanged during the erally requested by the domain owner since the do- TLS handshake (Zhang et al., 2014). Drawbacks main owner is tasked to demonstrate ownership of the of active measurements include its reliance a list of 9 domain to the CA, although newer verification meth- known domains , partial coverage caused by unavail- ods (such as an HTTP-based method) challenge this ability of servers and the difficulty of performing assumption. The aforementioned three domain types continuous measurements. In passive measurements, used for analysis are defined as follows: such as the works by Razaghpanah et al. (Razagh- • Phishing domains (D ) are those domains that panah et al., 2017), have no control of which cer- phish have historically been used in phishing attacks. tificate are observed. The degree of coverage of the • Popular benign domains (D ) represent the set TLS ecosystem is highly dependent on the quality and pop of domains used for highly popular services that quantity of the observation point(s), as a small and ho- receive the majority of traffic on the Internet. mogenous client population is unlikely to query a sig- • Non-popular benign domains (D ) are do- nificant portion of TLS-enabled servers. In contrast nonpop mains that receive a low amount of traffic, yet to CT logs, neither active nor passive measurements have not been seen as part of phishing attacks. are guaranteed to provide certificates in a timely fash- For each domain type, we sampled 10,000 domains, ion (i.e., immediately after the certificate has been is- resulting in a total number of 30,000 domains for sued). Note that different measurement types can be which certificates were collected. Figure 1 shows the used in conjunction (Holz et al., 2019), compensat- process to retrieve the sample of domains and their as- ing each other’s drawbacks and thereby resulting in a sociated certificates. The domain sampling step con- higher quality dataset. sists of converting the source domains into a set of sampled, labeled domains. In the certificate retrieval step, all certificates for these sampled domains are re- 4 METHODOLOGY trieved, which in turn are analyzed further.

To obtain a manageable dataset of certificates (in Domain Sampling. The Tranco list (Pochat et al., terms of the cost of analyzing these certificates), we 2019) combines three other domain lists to provide a collect certificates issued for a sample of three do- robust list of the top one-million popular domains, in main types. An exploratory analysis of all certificates terms of the popularity of those domains11. We as- available from the CT logs is considered infeasible, sume that the domains on the top of this list are in- as they contain over twelve billion certificates. Rather herently benign (i.e., they were not registered for ma- than considering Fully Qualified Domain Names licious purposes), under the assumption that a mali- (FQDNs), we are primarily concerned with analyzing ciously registered domain will never become popular root domains, the part of the FQDN under which enough to receive high amounts of traffic. The top of

10For instance, the root domain for the FQDN 9A TLS handshake involves the Server Name Indication ex- www.example.co.uk is example.co.uk. tension of TLS (Blake-Wilson et al., 2003), i.e., a field that 11The definition of ‘popularity’ differs slightly between the contains the domain name that the client intends to connect three source lists, but generally represents the amount of to. traffic the domain receives.

41 SECRYPT 2021 - 18th International Conference on Security and Cryptography

the list therefore represents popular, benign domains. Table 1: Overview of the collected dataset. 12 The APWG’s eCrime eXchange (eCX) platform # domains % certificates # domains # certificates contains millions of known phishing URLs submitted without cert trusted by contributing organizations, whenever the submit- Phishing 10.0k 4.2k 184.9k 95.9 ted URL is found to host phishing content. The root Popular 10.0k 175 78.9M 40.4 Non-pop. 10.0k 6.3k 95.6k 99.0 domains extracted from these URLs form the base of Total 30.0k 10.7k 79.1M the phishing domain sample, denoted as Decx. Some popular domains are often abused for hosting phish- ing content, such as Facebook or Google Docs. This certificates were issued for popular domains. This is however does not imply those domains are registered partially explained by the fact that only a small frac- for malicious purposes; the content on these sites is tion of popular domains had no certificate issued for merely user-generated and therefore contains a mix it, compared to 4,235 phishing domains, and 6,283 of malicious and benign content. The set of phish- of the non-popular domains. In our further analysis, we discard certificates that are untrusted by browsers, ing domains is defined as Dphish = Decx \ Dpop, or the root domains extracted from eCX URLs, excluding as those certificates cause browsers to present users any domain that is in the top 1M Tranco domains. a warning page, instead of the actual content. The Lastly, the non-popular, benign domain type is de- purpose of issuing certificates in the first place is to make pages seem legitimate, which is defeated when fined as Dnonpop = Dcom \ (Decx ∪ Dpop), where Dcom is the set of all domains in the .com zone (comprising a warning page is shown. A certificate can be un- almost half of all domains globally). None of these trusted for various reasons, such as being self-signed domains receive a large amount of traffic and have or being signed by a root certificate that a particu- never been seen in a phishing attack according to the lar browser or operating system does not trust. This eCX platform. filtering of untrusted certificates primarily affects the popular domains, with nearly 60% of all certificates issued for those domains being untrusted. The table Certificate Retrieval. We collect any certificate suggests that phishing domains have adopted HTTPS submitted to the CT log ecosystem that covers (at to a higher degree than non-popular domains, with least) one of the domains in the domain sets. This nearly twice the number of certificates issued for collection is done through a Google BigQuery dataset them. provided by the Censys search engine (Durumeric et al., 2015). The criterion for a certificate to cover 5.1 Temporal Analysis a domain name is that the SANs list of the certificate contains (1) the root domain itself, (2) a subdomain of As previously stated, one advantage of CT log analy- the root domain, or (3) a wildcard domain under the sis over passive and active measurements is the pre- root domain. In addition to the raw certificates, we sumed early submission and publication of certifi- also collect several extra fields, including the finger- cates to the CT logs. Using CT logs as a data source print of the certificate, and the validity of the certifi- for early detection is only viable if certificates can cate according to different root stores. consistently be monitored prior to the blacklisting of the domains they cover, and as such we test the fol- lowing hypothesis: 5 RESULTS Hypothesis 1. Certificate issuance occurs prior to blacklisting of phishing domains All four datasets (i.e., the Tranco list, the .com zone file, the eCX URLs, and certificates) were collected We analyze the time difference between (1) the black- in the beginning of 2020. We used the Tranco list listing of a phishing domain and (2) the issuance of its from February 20th, 202013. The list of eCX URLs certificate(s). This process is made more difficult be- comprises over 8.6 million URLs (belonging to 1.02 cause a domain can both have been blacklisted mul- million unique root domains), and contains URLs dis- tiple times, and have multiple certificates issued for covered up to February 27th, 2020. The certificates it. The former challenge is tackled by selecting the from Censys were collected on March 12th, 2020. first timestamp of blacklisting seen for that specific An overview of the resulting dataset is shown in Ta- domain, whereas the latter is tackled by introducing ble 1. The vast majority of the 79.1 million collected the notion of the closest certificate. For each times- tamp of first blacklisting, the most recent certificate 12https://apwg.org/ecx/ issuance before blacklisting is considered. If no cer- 13Available at https://tranco-list.eu/list/XWNN. tificate before blacklisting exists, the oldest certificate

42 Can a TLS Certificate Be Phishy?

d1 domain domain end of registration expiration redemption period d2

t 1+ year 45 days 30 days 5 days certificate blacklisting Δ time auto-renew period end of available for redemption period auto-renew re-registration Figure 2: The computation of the time difference between domain blacklisting and the closest certificate issuance. For Figure 3: Timeline of the re-registration process of a do- domain d1, the most recent certificate before the first black- main name. listing timestamp is taken (resulting in a negative time dif- ference), whereas for domain d2 the earliest certificate is- 1.0 suance timestamp after the first blacklisting timestamp is 75.66% taken (resulting in a positive time difference). 56.13% 0.5 of domains ECDF after blacklisting is considered. The first motivation 0.0 for this definition is that the most recent certificate before blacklisting is most likely to be issued by the (-35d) end of pending same owner of the domain at the time of blacklist- listed as elete (-5d) d ing, as older certificates may have been issued by a auto-renew re-registration previous owner of the domain. Secondly, certificates (tC, tB) issued after blacklisting are meaningless for early pro- Figure 4: The ECDF of the time difference between the is- tection against phishing attacks abusing that domain, suance of the closest certificate and the earliest URL black- hence the low priority of including those certificates. listing timestamp, for each phishing domain. The figure is This process is illustrated in Figure 2. zoomed in on the period around the auto-renew and regis- Certificates issued before the first blacklisting date tration period of a domain. are not necessarily requested by the same domain owner that caused the domain to be blacklisted. Given registered under the .com top-level domain (TLD) the decade-spanning time window of the CT logs, it goes through a process after a domain expires, dur- is possible to observe a certificate issued for a domain ing which the control of the domain is taken back by the registrar, and after which a domain can poten- ten years before it got blacklisted. Since the identi- 14 fication of domain ownership is inherently a difficult tially change owner . An auto-renew period of 45 task, we instead estimated a lower and upper bound days is followed by a 30-day redemption period, af- for the number of phishing domains for which we can ter which the domain is listed as ‘pending delete’ for identify a relevant certificate, issued before the do- 5 days. After this period, the domain is up for re- main got blacklisted. registration (Lauinger et al., 2017) (see Figure 3). In the auto-renew period, domain owners have the op- portunity to renew or sell their domain, and as such Upper Bound. For all phishing domains in the a domain cannot change ownership in the 35-day pe- dataset, the time difference between the issuance riod between the end of the auto-renew period, and the of the closest certificate (tC) and the earliest URL earliest potential to re-register a domain. Given a do- blacklisting timestamp (tB) is computed (denoted as main for which a URL was blacklisted at an arbitrary ∆(tC,tB)). A negative time difference implies that timestamp t = 0, all certificates issued in the period the closest certificate was issued before the URL was [−35 days,0] are requested by the same owner that blacklisted. For 75.66% of all phishing domains, the owned the domain at the time of blacklisting. Figure 4 earliest certificate timestamp occurs before the earli- shows a zoomed-in portion of the Empirical Cumula- est blacklisting timestamp, which serves as the upper tive Distribution Function (ECDF) of ∆(tC,tB) of all bound of the percentage of domains a CT log-based phishing domains, and shows that 56.13% of domains phishing domain detection system can protect against. had their closest certificate issued in this period for which there exists the previously described certainty Lower Bound. In order to estimate a lower bound, about the ownership of the domain. As such, this per- the registration process of a domain is taken into ac- centage is considered the lower bound. The figure count. Since domains can change their ownership 14Note that other TLDs may have different processes re- during their lifecycle, it is vital to only consider cer- garding the expiration of a domain, but given the large tificates issued by the same owner that owned the market share of .com, their expiration process drives our domain during the time of blacklisting. A domain methodology

43 SECRYPT 2021 - 18th International Conference on Security and Cryptography

also illustrates the aforementioned upper bound. 0.05 phish (n=177,351) These results indicate that for between 56.13% pop (n=31,832,287) and 75.66% of phishing domains, a certificate is- 0.04 non-pop (n=94,550) suance can be observed before a URL for that do- 0.03 main is being blacklisted. Even though this implies 0.02 that perfect coverage of all domains does not seem 0.01 feasible, it is important to note that CT logs cover do- 0.00 mains across all TLDs and their coverage is arguably # of certs issued (normalized) 2002 2004 2006 2008 2010 2012 2014 2016 2018 2020 only getting higher due to the ever-increasing adop- Figure 5: The distribution of the month of issuance of cer- tion of HTTPS. Therefore, CT log-based detection of tificates for the three domain types. phishing domains could potentially cover a larger set of domains than active or passive measurement-based of an individual certificate c’s validity period is de- methods. noted as v(c). The set of all existing issuers is A. Us- ing these formulations, we define domain issuer pref- 5.2 Issuers erence Pissuer(di,a j), which represents how much a particular issuer is preferred by a domain: Each certificate in circulation has been signed by a CA, which has deliberately been approached by the v(c) requester of the certificate (through the submission of ∑ c∈Cissuer(di,a j) a certificate signing request). As such, the choice of Pissuer(di,a j) = (1) ∑ ∑ v(c) CA of a certificate reflects the behavior of the domain a∈A c∈Cissuer(di,a) owner. CAs have individual differences, such as pric- This measure is a value between one and zero, and ing models, countries in which they operate, the pro- ∑a∈A Pissuer(di,a) = 1. This definition is used to ex- cess of verifying the identity of the requester, etc. As press the domain type issuer preference for domain these differences may be important considerations for type k towards an issuer a j: phishers, we test the following hypothesis: ∑d∈Dk Pissuer(d,a j) Hypothesis 2. The CA selection of phishing domains Pissuer(Dk,a j) = (2) ∑a∈ ∑d∈D Pissuer(d,a) provides insight in the monetary considerations, and A k the operations of phishers Where Dk is the set of all domains for domain type k. Similar to Eq. 1, the following holds: In reality, it is not trivial to identify the underlying CA ∑ issuer(D ,a) = 1. Eq. 1 ensures that certificates that signed a certificate, as certificates are generally a∈A P k are weighted proportionally to their validity period, signed by intermediate certificates15, and a single CA and that each domain within a domain type is equally may operate many intermediate certificates. In addi- weighted disregarding the number of certificates is- tion, cross-signing of certificates is not uncommon, in sued for the domain, whereas Eq. 2 ensures a proper which the root certificate of a CA signs the interme- comparison between domain types. diate certificate of another CA, resulting in a chain of Using Eq. 2, we compute the domain type pref- trust rooted in more than one CA. We therefore an- erences for all combinations of issuers and domain alyze the issuer of certificates rather than identifying types, of which the results are illustrated in Table 2. the underlying CA, as the issuer selection may pro- The top 10 most preferred issuers are shown in the vide a similar insight into phishing as the CA selec- table. In total, 853 issuer certificates were used to tion would. sign the set of certificates, of which 846 were used for In order to analyze the selection of CA, it is im- popular domains, 132 for phishing domains and only portant to handle any potential biases that can be in- 125 for non-popular domains. Generally, the prefer- duced. More specifically, it is imperative that a sin- ence for phishing domains and non-popular domains gle domain should not dominate other domains due are fairly similar, with the popular domains having a to the number of certificates issued for it (as demon- vastly different preference profile. strated earlier in Table 1), or a specific issuer to dom- Although Let’s Encrypt is the most preferred is- inate others due to the short validity period of their suer for popular domains (with 15.7%), it is not nearly certificate (thereby requiring customers to frequently as popular as the other two domain types (46.19% re-issue certificates). and 61.46% for phishing and non-popular domains re- The set of certificates issued for domain d issued by i spectively). One explanation could be that Let’s En- issuer a is formalized as C (d ,a ). The duration j issuer i j crypt is a relatively new CA, and popular domains 15These intermediate certificates are in turn signed by a root tend to be long-lived, resulting in a stronger prefer- certificate or another intermediate certificate. ence for CAs that have been operating longer, or for

44 Can a TLS Certificate Be Phishy?

Table 2: The domain type issuer preference (as percentage) for the ten most preferred issuers and the three domain categories.

Pissuer(D,a j) (in %) a j D = Dphish D = Dpop D = Dnonpop Let’s Encrypt Authority X3 ∗46.19 ∗15.70 ∗61.46 cPanel, Inc. Certification Authority ∗33.53 1.23 ∗10.69 COMODO ECC Domain Validation Secure Server CA 2 ∗7.94 5.23 ∗4.51 DigiCert SHA2 Secure Server CA 0.06 ∗6.88 0.15 Amazon 0.14 ∗5.91 0.73 Go Daddy Secure Certificate Authority - G2 1.91 4.50 4.21 CloudFlare Inc ECC CA-2 3.65 1.33 4.43 GlobalSign CloudSSL CA - SHA256 - G3 0.32 4.23 0.06 DigiCert SHA2 High Assurance Server CA 0.01 4.09 0.02 Sectigo RSA Domain Validation Secure Server CA 1.38 1.55 4.03 ∗among the three most preferred authorities within the domain category.

0.06 ing infrastructure on a large scale, or (2) that cPanel URL blacklisting Critical CVE vulnerability accounts are compromised at a large scale and repur- 0.04 posed for conducting phishing attacks. Under the as- sumption that the second hypothesis can only occur

0.02 on a large scale in case of the discovery of a criti- cal vulnerability, we would expect to see a peak of submissions of phishing URLs on the eCX for do- 0.00

# of certs issued (normalized) 2010 2012 2014 2016 2018 2020 mains running cPanel software, as cPanel hosts are compromised around the time of the vulnerability dis- Figure 6: Distribution of the month of URLs blacklisted closure. Several critical vulnerabilities were reported for phishing domains with cPanel certificates (black). The 17 month of the discovery of several critical vulnerabilities is for cPanel in September 2019 , but according to Fig- displayed in red. ure 6 this did not coincide with unusual numbers of related URLs being reported. We have found no evi- now-defunct CAs. Figure 5 shows the distribution of dence of peaks of URL submissions for phishing do- the month of issuance of certificates for the three do- mains running on cPanel software, suggesting that the main types. The figure shows that the vast majority of first hypothesis holds true, but this requires further re- certificates are issued after 2018 and that there is no search to confirm. major difference between the domain types, suggest- ing that the age of Let’s Encrypt does not play a large 5.3 Validation Level role in the issuer preference. The issuer preference provides information re- In addition to the CA selection, the selection of a val- garding the infrastructure used to serve services us- idation level provides insight in the monetary invest- ing popular domains, of which the high preference for ment in conducting phishing attacks, which leads to the Amazon issuer by popular domains (5.91%, or the the following hypothesis: third-most preferred issuer) is an example. Amazon Hypothesis 3. Phishers resort to certificates with issues public certificates for customers of their AWS higher validation levels to increase the perceived le- cloud platform, which specifically focuses on “secur- gitimacy of phishing websites. ing public websites with significant traffic require- ments”16, indicating that part of the infrastructure of Similar to the issuer analysis, the analysis of vali- popular domains with such certificates operates on dation level differences requires a normalization step AWS. Similarly, we find that phishing domains have a taking into account the number of certificates and the strong preference for the cPanel issuer (33.53%) com- validity duration of certificates. The set of all certifi- pared to popular (1.23%) and non-popular (10.69%) cates issued for domain di with a validation level l j is benign domain types. cPanel is a popular web host- denoted as Cval(di,l j). The set of possible validation ing platform with the option for automatic issuance levels (i.e., DV, OV, EV, and unknown) is denoted as and deployment of TLS certificates. We hypothesize L. The domain validation level preference Pval(di,l j) that either (1) phishers rely on cPanel for their host- 17We used a CVE record with a score of 8 or higher as the definition of a critical vulnerability, obtained from 16https://docs.aws.amazon.com/acm/latest/userguide/acm- https://www.cvedetails.com/vulnerability-list/vendor id- overview.html 1766/product id-3023/Cpanel-Cpanel.html

45 SECRYPT 2021 - 18th International Conference on Security and Cryptography

Table 3: Values of Pval(D,l) for all domain categories and 1.0 validation levels (as percentage).

0.5 37.57%

↓ D → l DV OV EV Unknown ECDF

Dphish 92.94 6.65 0.11 0.31 0.0 Dpop 49.41 39.17 4.03 7.38 100 101 102 103 Dnonpop 91.99 7.28 0.14 0.59 # unique roots Figure 7: ECDF of the number unique roots of certificates represents how much a particular validation level is covering at least a single phishing domain (n = 975,426). preferred by a specific domain: The red line represents the fraction of covering only a single unique root domain. ∑ v(c) c∈Cval (di,l j) a shared infrastructure, which would be reflected by (d ,l ) = (3) Pval i j shared certificates, or certificates that cover more than ∑l∈L ∑c∈Cval (di,l) v(c) Again, v(c) denotes the duration of the validity period a single phishing domain. of certificate c, and this measure is a value between Hypothesis 4. Individual phishing attacks may be one and zero, and ∑l∈L Pval(di,l) = 1. Then, the do- part of a larger campaign, and the deployment of main type validation level preference for each of the those attacks is coordinated. domain categories D (i.e., D , D and D k phish pop nonpop In order to test this hypothesis, we collect all certifi- for phishing, popular and non-popular sampled do- cates in our dataset that cover at least a single phishing mains respectively) for a specific validation level l is j domain. Note that we consider all phishing domains, defined as follows: not only the 10,000 domains in the initial sample. In ∑d∈Dk Pval(d,l j) Pval(Dk,l j) = (4) total, 975k certificates were identified. For each cer- ∑l∈L ∑d∈Dk Pval(d,l) tificate, we extract the unique root domains, and the We rely on the reported validation levels from the ECDF of the count is shown in Figure 7. 37.57% of Censys dataset18 to compute the preferences. Table 3 certificates issued for phishing domains cover only shows the results of the computation of these values, a single unique root, indicating that the remaining for all domain type and validation level combinations. 62.43% (or 608,934 certificates) is potential evidence Unsurprisingly, popular domains have a stronger pref- that certificate sharing is rampant in phishing attacks. erence for OV and EV certificates, as popular domains Surprisingly, only 0.90% (or 5,452) of these cer- have a larger incentive and budget for protecting the tificates cover only phishing roots, meaning that the legitimacy of their brand. Phishing and non-popular remaining certificates cover not only phishing roots, benign domains have a highly similar preference. but also domains of unknown nature. The implica- Notably, we identified 133 EV certificates issued tion of this is that there is a small portion of certifi- for 16 unique phishing domains. Further inspection cates that can be considered unambiguously ‘phishy’, shows that only two of those 16 domains are marked whereas the vast majority of certificates cannot. The by VirusTotal as malicious, questioning whether the existence of these ‘ambiguous’ certificates could be other 14 are really phishing domains in the first place. interpreted in several ways, including: As such, we conclude that EV certificates are vir- 1. Certificates are requested by a third party to which tually unused by phishers in our dataset, and this domain control is delegated by the actual owner, suggests that EV certificates are in fact a meaning- and this third party requests certificates that cover ful method for marking websites as trustworthy, even benign and phishing domains. though browsers stopped presenting such indicators 2. There exists a vast number of domains that have to users. not yet been discovered to be phishing domains, which means that in reality these ambiguous cer- 5.4 Certificate Sharing tificates are in fact ‘phishy’. 3. Not all domains owned by a particular domain Based on the following hypothesis, there is an ex- owner are used for phishing attacks. This in- pectation that phishing domains may be deployed on cludes for example benign domain owners whose 18 websites are hacked and repurposed for phish- We verified the correctness of these values by computing ing attacks, or phishers who manage domains for a validation level based on the existence of specific Object Identifiers (OIDs) in the X.509 certificate extensions and non-phishing activities, and domains with user- matching those against the Censys values. Our method in generated content of mixed nature. general led to more inconclusive results. We investigate the first point through a case study:

46 Can a TLS Certificate Be Phishy?

Cloudflare. Cloudflare’s Content Delivery Net- insight in the operations of phishing domains (e.g., work (CDN) enables customers to encrypt traffic to preference for cPanel), thereby we accept Hypothe- their websites by proxying traffic through Cloudflare sis 2. Further research is required to draw stronger servers. This requires them to change the DNS name conclusions regarding the domains relying on cPanel, server of their domain to Cloudflare, effectively del- but these results emphasize the importance of the po- egating the control of their DNS configuration to sition of CAs in the fight against phishing. CAs have Cloudflare, which is used by the ACME protocol to the opportunity to interfere with the TLS ecosystem verify the ownership of domains. Rather than re- through the revocation of certificates and in fact some questing a single certificate for each domain, a sin- CAs state in their policies that malicious activity is gle certificate is requested for a set of domains, all grounds for certificate revocation20. Although the ef- from different owners. In addition, these certifi- fectiveness of certificate revocation have historically cates contain a Cloudflare-specific domain (usually been limited (Liu et al., 2015), our results are an ar- the first domain name in the list of SANs), matching gument for better handling of certificate revocation. the structure sni{6 digits}.cloudflaressl.com. Our results for the validation level of certificates Naturally, none of these certificates can unambigu- show that phishers rarely resort to EV certificates ously be assumed to be phishy, as they cover do- (thereby rejecting Hypothesis 3). Given the rela- mains from many different owners. This set of Cloud- tively high cost of OV and EV certificates ($27.44 and flare certificates alone already comprises 91.369 cer- $72.18 per year at COMODO respectively for exam- tificates, or 9.37% of the full set of certificates is- ple21), this suggests phishers are not willing to signifi- sued for phishing domains. We identified other sim- cant amounts of money, or are actually rejected during ilar certificate structures to Cloudflare certificates, the vetting process. Even though browser indicators that include SANs such as statuspage.io and have been demonstrated to be ineffective from the per- incapsula.com, leading us to believe that those do- spective of users (Thompson et al., 2019), higher val- mains are used for similar purposes as the sni{6 idation levels could be an effective signal for identi- digits}.cloudflaressl.com domains. Further re- fying certificates that are not used in phishing attacks. search is needed to fully differentiate ‘phishy’ certifi- EV certificates could act as a white-listing method for cates from these CDN-type certificates. identifying ‘benign’ certificates. Lastly, we found few unambiguous cases of shared certificates between phishing domains, with 6 DISCUSSION 5,452 certificates only covering phishing domains. The vast majority of certificates that cover at least a single phishing domain also covers domains whose The fact that between 56.13% and 75.66% of phish- nature is unknown, which makes it difficult to extract ing domains observe a relevant certificate being is- meaningful information from the certificates about sued before a URL is blacklisted is a promising result the decisions of the phishers. A substantial part of and a strong motivation for pursuing the development this challenge can be explained by the practice of do- of CT log-based abuse prevention systems (accepting main owners delegating control to CDNs, which ag- Hypthesis 1). Given the constant growth of phish- gregate many domains from many owners, and ob- ing attacks being conducted over HTTPS (over 84% tain certificates covering many domains of various of identified phishing attacks in the last quarter of types, including phishing. We found that 9.37% of 2020 according to the APWG (Anti-Phishing Work- the phishing domains had been mixed with other do- ing Group, 2021), compared to only 10% in the first mains by Cloudflare, and indications that other CDNs quarter of 2017), CT log’s early coverage of phish- apply similar practices. Consequently, CDNs have a ing domains is only expected to grow in the future. role and a responsibility in the fight against phishing, Simultaneously, the introduction of more traffic en- when they offer the service of managing certificates, cryption methods, such as ECN19 could render pas- and in general when applying practices that allows sive measurements less effective, emphasizing the rel- phishers to mix with benign domain owners. We can- evance of CT logs even more. not reject nor accept Hypothesis 4, which remains in- We have demonstrated that phishing domains and conclusive. non-popular benign domains have similar preference This work provides preliminary characteristics of profiles for the issuer selection of their certificates (except cPanel), but a vastly different profile com- 20Example of Sectigo: https://sectigo.com/uploads/files/ pared to popular domains. Our results provide some Sectigo-CPS-v5 2 2.pdf 21https://comodosslstore.com/resources/dv-vs-ov-vs-ev- 19https://tools.ietf.org/html/draft-ietf-tls-esni-10#page-6 ssl-which-certificates-are-good-for-site-security/

47 SECRYPT 2021 - 18th International Conference on Security and Cryptography

phishing certificates, suggesting that a there is a cer- being blacklisted, indicating the scale at which CT- tain degree of ’phishiness’ that can be assigned to a based mitigation can protect against phishing. Fur- certificate. Even a simple-heuristics based warning thermore, our results show that phishing domains re- system can potentially be useful for identifying can- sort to a relatively small group of issuers, particularly didate phishing domains, by for example identifying gravitating to cPanel, which emphasizes that stronger cPanel certificates covering several domains, includ- adherence to certificate revocation lists produced by ing a domain that previously already was blacklisted these issuers can be highly valuable. We have also by the eCx. shown that phishers are unlikely to resort to (expen- sive) EV certificates, which could suggest that do- Limitations. Our methodology differentiates be- mains that do employ them could serve as a whitelist tween three domain types, and considers phishing do- for non-phishing domains. Lastly, we found that cer- mains a homogenous group of domains registered for tificates are unlikely to be unambiguously phishy or phishing purposes. Even though we accounted for benign, given the set of phishing domains they en- domain ownership changes in the collection of cer- compass. Although we identified only a few certifi- tificate for phishing domains, we do not address the cates that only cover phishing domains, the majority potential of domain compromise. Maroofi et al. (Ma- of certificates issued for phishing domains cover mul- roofi et al., 2020) manually collected a dataset of tiple phishing domains, which is a hopeful takeaway. phishing URLs and identified 58% to be maliciously These results led us to provide several suggestions for registered and 42% to be compromised. This implies changes to the TLS ecosystem. that there is a likelihood that our analysis of phish- Our work opens up several pathways for future ing domains leads to conclusions for compromised work. Firstly, given the preliminary nature of our re- domains, rather than maliciously registered domains. sults, we encourage the research community to inte- Identifying whether a domain is compromised in itself grate our results in novel or existing domain classi- is already a challenging task, which is significantly fication methods. An alternative promising direction more difficult with historical data, where the website is the disambiguation of certificates, which - if suc- may not be online anymore. cessful - could lead to a very effective way to propa- It is possible that the domain type samples contain gate the ‘phishiness’ of a certificate to all the domains false positives of domains that in reality are placed in it covers. Additionally, the potential impact of CAs the wrong class. One cause of this could be the (lack (cPanel in particular) and certificate revocation could of) vetting of URLs in the eCX platform, which could be explored in more detail. result in URLs submitted to the platform that are in reality not phishing URLs. In addition, it is unlikely that the eCX URLs are fully complete, covering every ACKNOWLEDGEMENTS phishing URL in existence, as not all phishing attacks are detected and reported. Additionally, the eCX re- lies on member contributions, and these are unlikely This research is carried out under the SecDNS project, to be fully complete. As a result, there are likely to funded by Innovation Fund Denmark. We thank Cen- be domains in the non-popular domain set that are in sys.io for sharing their CT log data with us, and we reality phishing domains. Unfortunately, this is a core are thankful for the APWG for granting us access to limitation of the CT framework for phishing preven- their eCX platform. tion, as TLS certificates are issued on a domain basis instead of on a URL basis. REFERENCES

7 CONCLUSIONS Aertsen, M., Korczynski,´ M., Moura, G. C. M., Tajal- izadehkhoob, S., and van den Berg, J. (2017). No domain left behind: is let’s encrypt democratizing en- This paper addresses the potential of using the phishi- cryption? In Proceedings of the Applied Networking ness of digital certificates as a method to identify Research Workshop. ACM. phishing domains early in their lifecycle. By com- Anti-Phishing Working Group (2021). Phishing Activity paring the certificates issued for three distinct domain Trends Report - 4th Quarter 2020. https://docs.apwg. sets, we identify relevant patterns in the differences org/reports/apwg trends report q4 2020.pdf. Ac- across these domain sets. Firstly, our temporal anal- cessed: 2021-02-12. ysis shows that for 56.13% to 75.66% of phishing Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, domains, a certificate is issued before the domain is J., and Wright, T. (2003). Transport layer security (tls)

48 Can a TLS Certificate Be Phishy?

extensions. RFC 3546, RFC Editor. Accessed: 2021- Sekar, V. (2016). Shedding light on the adoption of 02-12. let’s encrypt. CA/Browser Forum (2020). Baseline requirements for the Maroofi, S., Korczynski, M., Hesselman, C., Ampeau, B., issuance and management of publicly-trusted certifi- and Duda, A. (2020). COMAR: Classification of com- cates (version 1.7.3). Technical report, CA/B Forum. promised versus maliciously registered domains. In Accessed: 2021-02-08. 2020 IEEE European Symposium on Security and Pri- Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Hous- vacy (EuroS&P). IEEE. ley, R., and Polk, W. (2008). Internet X.509 Pub- Moura, G. C. M., Muller, M., Wullink, M., and Hesselman, lic Key Infrastructure Certificate and Certificate Re- C. (2016). nDEWS: A new domains early warning vocation List (CRL) Profile. RFC 5280, RFC Editor. system for TLDs. In NOMS 2016 - 2016 IEEE/I- http://www.rfc-editor.org/rfc/rfc5280.txt. FIP Network Operations and Management Sympo- Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., and Hal- sium, pages 1061–1066. IEEE. derman, J. A. (2015). A search engine backed by Pochat, V. L., Goethem, T. V., Tajalizadehkhoob, S., Ko- internet-wide scanning. In Proceedings of the 22nd rczynski, M., and Joosen, W. (2019). Tranco: A ACM SIGSAC Conference on Computer and Commu- research-oriented top sites ranking hardened against nications Security, pages 542–553. ACM. manipulation. In Proceedings 2019 Network and Dis- Fasllija, E., Enis¸er, H. F., and Prunster,¨ B. (2019). Phish- tributed System Security Symposium. Internet Society. hook: Detecting phishing certificates using certificate Prins, J. (2011). DigiNotar Certificate Author- transparency logs. In Lecture Notes of the Institute for ity breach “Operation Black Tulip”. https: Computer Sciences, Social Informatics and Telecom- //media.threatpost.com/wp-content/uploads/sites/ munications Engineering, pages 320–334. Springer 103/2011/09/07061400/rapport-fox-it-operation- International Publishing. black-tulip-v1-0.pdf. Accessed: 2021-02-12. Hao, S., Kantchelian, A., Miller, B., Paxson, V., and Razaghpanah, A., Niaki, A. A., Vallina-Rodriguez, N., Sun- Feamster, N. (2016). PREDATOR: Proactive Recog- daresan, S., Amann, J., and Gill, P. (2017). Study- nition and Elimination of Domain Abuse at Time- ing TLS usage in android apps. In Proceedings of the Of-Registration. In Proceedings of the 2016 ACM 13th International Conference on emerging Network- SIGSAC Conference on Computer and Communica- ing EXperiments and Technologies, pages 350–362. tions Security, pages 1568–1579. ACM. ACM. Hao, S., Thomas, M., Paxson, V., Feamster, N., Kreibich, Sakurai, Y., Watanabe, T., Okuda, T., Akiyama, M., and C., Grier, C., and Hollenbeck, S. (2013). Under- Mori, T. (2020). Discovering HTTPSified phishing standing the domain registration behavior of spam- websites using the TLS certificates footprints. In 2020 mers. In Proceedings of the 2013 Conference on Inter- IEEE European Symposium on Security and Privacy net Measurement Conference, IMC ’13, page 63–76, Workshops (EuroS&PW), pages 522–531. IEEE. New York, NY, USA. Association for Computing Ma- Scheitle, Q., Gasser, O., Nolte, T., Amann, J., Brent, L., chinery. Carle, G., Holz, R., Schmidt, T. C., and Wahlisch,¨ M. Holz, R., Amann, J., Razaghpanah, A., and Vallina- (2018). The rise of certificate transparency and its im- Rodriguez, N. (2019). The era of TLS 1.3: Measuring plications on the internet ecosystem. In Proceedings deployment and use with active and passive methods. of the Internet Measurement Conference 2018, IMC CoRR, abs/1907.12762. ’18, page 343–349, New York, NY, USA. Association for Computing Machinery. Lastdrager, E. E. (2014). Achieving a consensual defini- Thompson, C., Shelton, M., Stark, E., Walker, M., tion of phishing based on a systematic review of the Schechter, E., and Felt, A. P. (2019). The web’s iden- literature. Crime Science, 3(1). tity crisis: understanding the effectiveness of website Lauinger, T., Chaabane, A., Buyukkayhan, A. S., Onarli- identity indicators. In 28th {USENIX} Security Sym- oglu, K., and Robertson, W. (2017). Game of reg- posium ({USENIX} Security 19), pages 1715–1732. istrars: An empirical analysis of post-expiration do- VanderSloot, B., Amann, J., Bernhard, M., Durumeric, Z., main name takeovers. In 26th USENIX Security Sym- Bailey, M., and Halderman, J. A. (2016). Towards a posium (USENIX Security 17), pages 865–880, Van- complete view of the certificate ecosystem. In Pro- couver, BC. USENIX Association. ceedings of the 2016 Internet Measurement Confer- Lever, C., Walls, R., Nadji, Y., Dagon, D., McDaniel, P., ence, IMC ’16, page 543–549, New York, NY, USA. and Antonakakis, M. (2016). Domain-z: 28 registra- Association for Computing Machinery. tions later measuring the exploitation of residual trust Zhang, L., Choffnes, D., Levin, D., Dumitras¸, T., Mislove, in domains. In 2016 IEEE Symposium on Security and A., Schulman, A., and Wilson, C. (2014). Analysis Privacy (SP), pages 691–706. IEEE. of ssl certificate reissues and revocations in the wake Liu, Y., Tome, W., Zhang, L., Choffnes, D., Levin, D., of heartbleed. In Proceedings of the 2014 Conference Maggs, B., Mislove, A., Schulman, A., and Wilson, on Internet Measurement Conference, IMC ’14, page C. (2015). An end-to-end measurement of certifi- 489–502, New York, NY, USA. Association for Com- cate revocation in the web’s pki. In Proceedings of puting Machinery. the 2015 Internet Measurement Conference, IMC ’15, page 183–196, New York, NY, USA. Association for Computing Machinery. Manousis, A., Ragsdale, R., Draffin, B., Agrawal, A., and

49