NICRPF, Feb 8, 2021

Revocation Statuses on the Internet

arXiv:2102.04288v3
AI Analysis

This research provides a new understanding of certificate revocation practices and their shortcomings for internet security, motivating the development of a revocation transparency standard.

This paper presents the first longitudinal characterization of revocation statuses delivered by CRLs and OCSP servers, analyzing over 1 million revoked certificates, including 773K mass-revoked by Let's Encrypt. The study quantifies the short lifespan of revocation statuses and highlights inconsistencies in revocation practices across Certificate Authorities.

The modern Internet is highly dependent on the trust communicated via X.509 certificates. However, in some cases certificates become untrusted and it is necessary to revoke them. In practice, the problem of secure certificate revocation has not yet been solved, and today no revocation procedure (analogous to what Certificate Transparency provides for certificate issuance) has been adopted to provide a transparent and immutable history of all revocations. Instead, the status of most certificates can only be checked with the Online Certificate Status Protocol (OCSP) and/or Certificate Revocation Lists (CRLs). In this paper, we present the first longitudinal characterization of the revocation statuses delivered by CRLs and OCSP servers, from the time of certificate expiration to the disappearance of the status. The analysis captures the status history of over 1 million revoked certificates, including 773K certificates mass-revoked by Let's Encrypt. Our characterization provides a new perspective on the Internet's revocation rates, quantifies how short-lived the revocation statuses are, highlights differences in revocation practices within and between different CAs, and captures biases and oddities in the handling of revoked certificates. Combined, the findings motivate the development and adoption of a revocation transparency standard.
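The abstract's central observation is that a revoked certificate's status disappears from CRLs and OCSP shortly after the certificate expires, so a relying party that treats "not listed in the CRL" as "good" draws the wrong conclusion for expired certificates. The following Go program is an added example, not code from the paper or its authors: using only the standard library, it builds a throwaway CA, a leaf certificate and a CRL that revokes the leaf (constructed test data), and a hypothetical `CheckCRL` helper that verifies the CRL signature and validity window and reports an expired certificate as unknown rather than good.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

const Good, Revoked, Unknown = "good", "revoked", "unknown"

// CheckCRL (hypothetical helper) returns the status a relying party should act on for leaf at
// time now. An expired leaf is Unknown: CAs purge its entry after expiry, so absence proves nothing.
func CheckCRL(leaf, issuer *x509.Certificate, crl *x509.RevocationList, now time.Time) string {
	if crl.CheckSignatureFrom(issuer) != nil || // CRL not signed by the issuer we trust
		now.Before(crl.ThisUpdate) || now.After(crl.NextUpdate) || // stale or not-yet-valid CRL
		now.After(leaf.NotAfter) { // expired: the CA may already have dropped the entry
		return Unknown
	}
	for _, e := range crl.RevokedCertificates {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return Revoked
		}
	}
	return Good
}

// BuildFixture makes a throwaway CA, a leaf expiring at notAfter, and a CRL revoking that leaf
// (constructed test data, not real certificates; the leaf reuses the CA key for brevity).
func BuildFixture(notAfter time.Time) (leaf, ca *x509.Certificate, crl *x509.RevocationList) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"},
		NotBefore: notAfter.Add(-48 * time.Hour), NotAfter: notAfter.Add(240 * time.Hour), IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	caDER, _ := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &key.PublicKey, key)
	ca, _ = x509.ParseCertificate(caDER)
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(4242), NotBefore: notAfter.Add(-24 * time.Hour), NotAfter: notAfter}
	leafDER, _ := x509.CreateCertificate(rand.Reader, leafTmpl, ca, &key.PublicKey, key)
	leaf, _ = x509.ParseCertificate(leafDER)
	crlTmpl := &x509.RevocationList{Number: big.NewInt(7), ThisUpdate: notAfter.Add(-12 * time.Hour), NextUpdate: notAfter.Add(12 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: leaf.SerialNumber, RevocationTime: notAfter.Add(-12 * time.Hour)}}}
	crlDER, _ := x509.CreateRevocationList(rand.Reader, crlTmpl, ca, key)
	crl, _ = x509.ParseRevocationList(crlDER)
	return leaf, ca, crl
}
```

Checking the same leaf one hour before and one hour after its expiry yields "revoked" and then "unknown", which is the distinction a client needs once the CA stops serving the revoked status.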
