Abstract by Luke Dickinson
Leveraging Locality of Reference in Web Requests to Improve TLS Certificate Revocation
3M - TLS certificate revocation is required to mitigate man-in-the-middle attacks involving a compromised certificate. Because of many problems in current revocation strategies, modern desktop browsers today have disabled most TLS revocation validation and mobile browsers ignore it completely, leaving many users unprotected. We propose a new TLS revocation strategy that minimizes the scalability concerns and downgrade attacks present in other revocation strategies. Current research suggests that members of a population, such as students and faculty at a university, often visit a similar set of websites. In addition, similar populations will only visit a small percentage of the total websites on the Internet. By taking advantage of the browsing habits of a population, we allow clients to download revocation information for sites they will visit in the near future thereby enhancing their security while minimizing both bandwidth costs and page loading times.