Towards a complete view of the certificate ecosystem

Benjamin VanderSloot, Johanna Amann, Matthew Bernhard, Zakir Durumeric, Michael Bailey, J. Alex Halderman

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The HTTPS certificate ecosystem has been of great interest to the measurement and security communities. Without any ground truth, researchers have attempted to study this PKI from a variety of fragmented perspectives, including passively monitored networks, scans of the popular domains or the IPv4 address space, search engines such as Censys, and Certificate Transparency (CT) logs. In this work, we comparatively analyze all these perspectives. We find that aggregated CT logs and Censys snapshots have many properties that complement each other, and that together they encompass over 99% of all certificates found by any of these techniques. However, they still miss 1.5% of certificates observed in a crawl of all domains in .com, .net, and .org. We go on to illustrate how this combined perspective affects results from previous studies. In light of these findings, we have worked with the operators of Censys to incorporate CT log data into its results going forward, and we recommend that future HTTPS measurement adopt this new vantage.

Original languageEnglish (US)
Title of host publicationIMC 2016 - Proceedings of the 2016 ACM Internet Measurement Conference
PublisherAssociation for Computing Machinery
Number of pages7
ISBN (Electronic)9781450345262
StatePublished - Nov 14 2016
Event2016 ACM Internet Measurement Conference, IMC 2016 - Santa Monica, United States
Duration: Nov 14 2016Nov 16 2016

Publication series

NameProceedings of the ACM SIGCOMM Internet Measurement Conference, IMC


Other2016 ACM Internet Measurement Conference, IMC 2016
Country/TerritoryUnited States
CitySanta Monica

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Towards a complete view of the certificate ecosystem'. Together they form a unique fingerprint.

Cite this