A Tangled Mass: The Android Root Certificate Stores

@inproceedings{VallinaRodriguez2014ATM,
  title={A Tangled Mass: The Android Root Certificate Stores},
  author={Narseo Vallina-Rodriguez and Johanna Amann and Christian Kreibich and Nicholas Weaver and Vern Paxson},
  booktitle={CoNEXT},
  year={2014}
}
The security of today's Web rests in part on the set of X.509 certificate authorities trusted by each user's browser. Users generally do not themselves configure their browser's root store but instead rely upon decisions made by the suppliers of either the browsers or the devices upon which they run. In this work we explore the nature and implications of these trust decisions for Android users. Drawing upon datasets collected by Netalyzr for Android and ICSI's Certificate Notary, we… CONTINUE READING
Highly Cited
This paper has 33 citations. REVIEW CITATIONS

From This Paper

Figures, tables, and topics from this paper.

Citations

Publications citing this paper.
Showing 1-10 of 21 extracted citations

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem

ACM Conference on Computer and Communications Security • 2016
View 2 Excerpts
Highly Influenced

CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers

2017 IEEE Symposium on Security and Privacy (SP) • 2017
View 1 Excerpt

References

Publications referenced by this paper.

The most dangerous code in the world: validating SSL certificates in non-browser software

ACM Conference on Computer and Communications Security • 2012
View 4 Excerpts
Highly Influenced

Similar Papers

Loading similar papers…