A compliance-based ranking of certificate authorities using probabilistic approaches
Author | Junaid, Kashif |
Author | Janjua, Muhammad Umar |
Author | Qadir, Junaid |
Available date | 2025-07-08T03:58:10Z |
Publication Date | 2024 |
Publication Name | International Journal of Information Security |
Resource | Scopus |
Identifier | http://dx.doi.org/10.1007/s10207-024-00867-3 |
ISSN | 16155262 |
Abstract | The security of the global Certification Authority (CA) system has recently been compromised as a result of attacks on the Public Key Infrastructure (PKI). Although the CA/Browser (CA/B) Forum publishes compliance requirements for CAs, there are no guarantees that even a commercially successful CA is complying with these recommendations. In this paper, we propose the first systematic CA ranking mechanism that ranks CAs in terms of their adherence to the CA/B Forum and X.509 certificate standards. Unfortunately, there is no consolidated and widely accepted parameter to rank the CAs, so we have proposed formula-based rating models and introduced different ranking techniques like Direct, Bayesian, and Markov Chain Ranking. These rankings are applied to a comprehensive dataset of X.509 trust chains gathered during the time period of 2020 to 2023. Our proposed ranking scheme can serve as a criterion for both consumers and enterprises for selecting and prioritizing CAs based on performance as well as adherence to the certificate standards. |
Language | en |
Publisher | Springer Science and Business Media Deutschland GmbH |
Subject | CA/B Forum; Certificate authority; Ranking; Web PKI; X.509 Certificates |
Type | Article |
Pagination | 2881-2910 |
Issue Number | 4 |
Volume Number | 23 |
This item appears in the following Collection(s): Computer Science & Engineering