Conference item
DSTC: DNS-based strict TLS configurations
- Abstract:
-
Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees (e.g. non Forward-Secrecy), mainly to provide backward compatibility. This opens doors to downgrade attacks, as is the case of the POODLE attack [18], which exploits the client’s silent fallback to downgrade the protocol version to exploit the legacy version’...
Expand abstract
- Publication status:
- Published
- Peer review status:
- Peer reviewed
Actions
Access Document
- Files:
-
-
(Accepted manuscript, pdf, 294.8KB)
-
- Publisher copy:
- 10.1007/978-3-030-12143-3_9
Authors
Funding
Bibliographic Details
- Publisher:
- Springer, Cham Publisher's website
- Host title:
- CRiSIS 2018: Risks and Security of Internet and Systems
- Series:
- Lecture Notes in Computer Science
- Journal:
- 13th International Conference on Risks and Security of Internet and Systems Journal website
- Volume:
- 11391
- Pages:
- 93-109
- Publication date:
- 2019-01-25
- Acceptance date:
- 2018-09-05
- DOI:
- ISSN:
-
0302-9743
- ISBN:
- 9783030121433
Item Description
- Pubs id:
-
pubs:919567
- UUID:
-
uuid:3c496e85-9020-4563-806d-397375ee86d5
- Local pid:
- pubs:919567
- Source identifiers:
-
919567
- Deposit date:
- 2018-09-14
Terms of use
- Copyright holder:
- Springer Nature Switzerland AG
- Copyright date:
- 2019
- Notes:
- Copyright © 2019 Springer Nature Switzerland AG. This is the accepted manuscript version of the article. The final version is available online from Springer at: https://doi.org/10.1007/978-3-030-12143-3_9
Metrics
If you are the owner of this record, you can report an update to it here: Report update to this record