The Shifting Web of Trust : Exploring the Transformative Journey of Certificate Chains in Prominent Domains / Förtroendets Föränderliga Väv : Att Utforska den Transformativa Resan av Certifikatkedjor av Populära Domäner

Döberl, Marcus, Freiherr von Wangenheim, York

January 2023

The security and integrity of TLS certificates are essential for ensuring secure transmission over the internet and protecting millions of people from man-in-the-middle attacks. Certificate Authorities (CA) play a crucial role in issuing and managing thesecertificates. This bachelor thesis presents a longitudinal analysis of certificate chains forpopular domains, examining their evolution over time and across different categories. Using publicly available certificate data from sources such as crt.sh and censys.io, we createda longitudinal dataset of certificate chains for domains from the Top 1-M list of Tranco.We categorized the certificates based on their type, and the particular service categories.We analyzed a selected set of domains over time and identified the patterns and trendsthat emerged in their certificate chains. Our analysis revealed several noteworthy trends,including an increase in the use of new CAs and a shift of which types of certificates areused, we also found a trend in shorter certificate chains and fewer paths from domain toroot certificate. This implies a more streamlined and simplified certificate process overtime until today. Our findings have implications for the broader cybersecurity communityand demonstrate the importance of ongoing monitoring and analysis of certificate chainsfor popular domains.

Certificate Authority

CA

Let's Encrypt

Network modelling

analysis

and measurement; Network security

authentication

measurement

trust and privacy; Web technologies

Internet säkerhet

Certifikat

Cybersäkerhet

Nätverk

Internet

Computer and Information Sciences

Data- och informationsvetenskap