Customizing SSL Certificate Extensions to Reduce False-Positive Certificate Error/Warning Messages
Date
2016-08-04
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
International Journal of Information Security Science
Abstract
In today’s Internet world, X.509 certificates are commonly used in SSL protocol to provide security for web-based
services by server/client authentication and secure communication. Although SSL protocol presents a technical basis, this web security largely depends on user awareness of security measures as well. There are significant number of scientific studies in
the literature reporting that the count of invalid or self-signed certificate usage in today’s Internet can not be overlooked. At the
same time, quite a number of studies place emphasis on the acquired indifference towards certificate warning messages which
are popped up by web browsers when visiting web pages with invalid or self-signed certificates. In this study, with the
importance of user’s daily practices in developing habits in mind, we studied a modification of X.509 certificates in order to
reduce the number of false-positive certificate-warning pop ups in order to reduce gaining faulty usage habit of invalid
certificates.
Description
Keywords
electrical & electronics engineering