An Evaluation of X.509 Certificate Revocation and Related Privacy Issues in the Web PKI Ecosystem

Supporting users to transact with websites securely in a privacy-preserving manner has become more challenging than ever in the web ecosystem based on public key infrastructures. While establishing TLS (Transport Layer Security) secure channels to web servers, the X.509 certificates are typically used for server authentication. Such certificates must be correctly validated by the clients upon use. This paper discusses first the X.509 certificate format and the main entities (like standardization bodies, browser vendors, and organizations) involved in the definition, management, and processing of X.509 certificates. Subsequently, we concentrate on certificate revocation status checking (part of certificate validation) and the related privacy aspects. Through experiments, we show that some common web browsers still incorrectly or incompletely perform certificate revocation (status) checking, mainly for the non Extended Validation (non-EV) certificates, although the certificates contain useful extensions, and the web browsers implement partly this task. To this aim, we analyzed first the certificates in the Alexa Top 1 Million (Top1M) list containing the most widely accessed websites in August 2021. Then, we exploited a local testbed to assess common browsers' behaviour while checking the revocation status of EV and non-EV certificates. For non-EV certificates, the soft-fail approach was typically encountered, meaning the web browsers established TLS connections with the web server even if the revocation data was not available. For the EV certificates, the browsers implemented stricter controls. We discuss privacy issues related to certificate status checking, outlining that the so-called OCSP stapling mechanism may respond better to client latency and user privacy concerns. Finally, we analyze the adoption of the OCSP stapling mechanism and the support for Google's Certificate Transparency project in the Majestic Top1M list of website certificates in 2022. This work bridges the gap between X.509 standards/guidelines and real-world applications' behaviour in applying recommendations while handling certificates.