Postcertificates for Revocation Transparency

Nikita Korzhitskii, Matus Nemec, Niklas Carlsson
DOI: https://doi.org/10.48550/arXiv.2203.02280
2022-03-04

Abstract: The modern Internet is highly dependent on trust communicated via certificates. However, in some cases, certificates become untrusted, and it is necessary to revoke them. In practice, the problem of secure revocation is still open. Furthermore, the existing procedures do not leave a transparent and immutable revocation history. We propose and evaluate a new revocation transparency protocol that introduces postcertificates and utilizes the existing Certificate Transparency (CT) logs. The protocol is practical, has a low deployment cost, provides an immutable history of revocations, enables delegation, and helps to detect revocation-related misbehavior by certificate authorities (CAs). With this protocol, a holder of a postcertificate can bypass the issuing CA and autonomously initiate the revocation process via submission of the postcertificate to a CT log. The CAs are required to monitor CT logs and proceed with the revocation upon detection of a postcertificate. Revocation status delivery is performed independently and with an arbitrary status protocol. Postcertificates can increase the accountability of the CAs and empower the certificate owners by giving them additional control over the status of the certificates. We evaluate the protocol, measure log and monitor performance, and conclude that it is possible to provide revocation transparency using existing CT logs.

Subjects: Cryptography and Security, Computers and Society, Networking and Internet Architecture
What problem does this paper attempt to address?
### Problems the Paper Aims to Solve

This paper addresses the lack of transparency and immutability in the current certificate revocation process. Specifically:

1. **Lack of transparency in existing revocation mechanisms**: The current revocation process is opaque, and revocation history can be modified or deleted, so past revocations cannot be reliably traced.
2. **Dependency on CAs in the revocation process**: Revocation is entirely mediated by Certificate Authorities (CAs); certificate owners must go through the issuing CA to revoke a certificate, which is both time-consuming and costly.
3. **Unreliable revocation status checking**: Most browsers do not perform a complete revocation status check for each certificate, and the existing revocation status protocols have many security issues.
4. **Loss of revocation history**: Once a certificate expires, most revocation statuses disappear quickly, which makes certificate revocation difficult to study.

To address these issues, the paper proposes a new Revocation Transparency Protocol that introduces the concept of "Postcertificates" and reuses existing Certificate Transparency (CT) logs. The main features of this protocol are:

- **Self-revocation**: A certificate holder who possesses a Postcertificate can initiate revocation autonomously by submitting the Postcertificate to a CT log, without going through the CA.
- **Immutable history**: The CT logs provide an append-only, immutable record of revocations, increasing the transparency of the revocation process.
- **Delegated revocation**: A Postcertificate can be handed to another entity to delegate revocation authority, so that entity can revoke the certificate under specific conditions.
- **Detection of CA misbehavior**: By monitoring the CT logs, anyone can detect CA misbehavior in the revocation process, such as failing to revoke after a Postcertificate is logged or publishing an incorrect revocation status.

In summary, by introducing Postcertificates and leveraging existing CT logs, this paper aims to enhance the transparency, autonomy, and security of the certificate revocation process.
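The flow described above (a holder logs a postcertificate, the issuing CA monitors the log and revokes, and an independent monitor flags a CA that does not) as an added Python simulation; this is not code from the paper, and the log entry format, the hash-chained log standing in for a real CT Merkle tree, and the `CA`/`audit` model are assumptions made for illustration.

```python
"""Constructed simulation of the postcertificate revocation-transparency flow."""
import hashlib
from dataclasses import dataclass


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class LogEntry:
    kind: str     # "cert" (original certificate) or "postcert" (assumed format)
    cert_id: str  # fingerprint of the certificate the entry refers to
    issuer: str   # name of the CA that issued the certificate


class CTLog:
    """Append-only log: each head hash chains to the previous one, so an
    entry cannot be removed or altered without changing every later head
    (a simplified stand-in for a CT Merkle tree)."""
    def __init__(self) -> None:
        self.entries: list[LogEntry] = []
        self.heads: list[str] = []

    def submit(self, entry: LogEntry) -> int:
        prev = self.heads[-1] if self.heads else ""
        self.entries.append(entry)
        self.heads.append(sha256(f"{prev}|{entry.kind}|{entry.cert_id}|{entry.issuer}".encode()))
        return len(self.entries) - 1   # index of the new entry


class CA:
    """A CA that must revoke any certificate for which a postcertificate was logged.
    honest=False models a CA that ignores logged postcertificates."""
    def __init__(self, name: str, honest: bool = True) -> None:
        self.name, self.honest, self.revoked, self.cursor = name, honest, set(), 0

    def monitor(self, log: CTLog) -> list[str]:
        newly = []
        for entry in log.entries[self.cursor:]:   # only scan entries not yet seen
            if entry.kind == "postcert" and entry.issuer == self.name and self.honest:
                self.revoked.add(entry.cert_id)
                newly.append(entry.cert_id)
        self.cursor = len(log.entries)
        return newly


def audit(log: CTLog, cas: dict[str, CA]) -> list[tuple[str, str]]:
    """Independent monitor: report (issuer, cert_id) for every logged
    postcertificate whose issuing CA has not revoked the certificate."""
    return [(e.issuer, e.cert_id) for e in log.entries
            if e.kind == "postcert" and e.cert_id not in cas[e.issuer].revoked]


def demo() -> list[tuple[str, str]]:
    log, honest, lazy = CTLog(), CA("Honest CA"), CA("Lazy CA", honest=False)
    cert_a, cert_b = sha256(b"cert A"), sha256(b"cert B")   # constructed fingerprints
    log.submit(LogEntry("cert", cert_a, honest.name))
    log.submit(LogEntry("cert", cert_b, lazy.name))
    log.submit(LogEntry("postcert", cert_a, honest.name))   # holders self-revoke via the log
    log.submit(LogEntry("postcert", cert_b, lazy.name))
    honest.monitor(log); lazy.monitor(log)
    return audit(log, {c.name: c for c in (honest, lazy)})   # -> [("Lazy CA", cert_b)]
```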