{"id":"https://openalex.org/W3212377246","doi":"https://doi.org/10.1145/3460120.3484768","title":"Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem","display_name":"Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3212377246","doi":"https://doi.org/10.1145/3460120.3484768","mag":"3212377246"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3484768","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3484768","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100395383","display_name":"Yiming Zhang","orcid":"https://orcid.org/0000-0002-9902-4664"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yiming Zhang","raw_affiliation_strings":["Tsinghua University &amp; Beijing National Research Center for Information Science and Technology, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University &amp; Beijing National Research Center for Information Science and Technology, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101694986","display_name":"Baojun Liu","orcid":"https://orcid.org/0000-0002-9032-8063"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojun Liu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040912987","display_name":"Chaoyi Lu","orcid":"https://orcid.org/0009-0005-3512-7612"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chaoyi Lu","raw_affiliation_strings":["Tsinghua University &amp; 360Netlab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University &amp; 360Netlab, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100452308","display_name":"Zhou Li","orcid":"https://orcid.org/0000-0002-9401-1012"},"institutions":[{"id":"https://openalex.org/I204250578","display_name":"University of California, Irvine","ror":"https://ror.org/04gyf1771","country_code":"US","type":"education","lineage":["https://openalex.org/I204250578"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhou Li","raw_affiliation_strings":["University of California, Irvine, Irvine, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Irvine, Irvine, CA, USA","institution_ids":["https://openalex.org/I204250578"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University &amp; QI-ANXIN Technology Research Institute, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University &amp; QI-ANXIN Technology Research Institute, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100357067","display_name":"Jiachen Li","orcid":"https://orcid.org/0000-0002-0368-3551"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiachen Li","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015684223","display_name":"Zaifeng Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zaifeng Zhang","raw_affiliation_strings":["360Netlab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"360Netlab, Beijing, China","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5100395383"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":1.5282,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.83854071,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1373","last_page":"1387"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/public-key-infrastructure","display_name":"Public key infrastructure","score":0.9326021671295166},{"id":"https://openalex.org/keywords/root","display_name":"Root (linguistics)","score":0.706150233745575},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.6948143243789673},{"id":"https://openalex.org/keywords/public-key-certificate","display_name":"Public key certificate","score":0.6215765476226807},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.595226526260376},{"id":"https://openalex.org/keywords/certificate-authority","display_name":"Certificate authority","score":0.5837178826332092},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5803325176239014},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5615623593330383},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5136955976486206},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.4126679301261902},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.40225499868392944},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.13204023241996765}],"concepts":[{"id":"https://openalex.org/C72648740","wikidata":"https://www.wikidata.org/wiki/Q658476","display_name":"Public key infrastructure","level":4,"score":0.9326021671295166},{"id":"https://openalex.org/C171078966","wikidata":"https://www.wikidata.org/wiki/Q111029","display_name":"Root (linguistics)","level":2,"score":0.706150233745575},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.6948143243789673},{"id":"https://openalex.org/C167529545","wikidata":"https://www.wikidata.org/wiki/Q274758","display_name":"Public key certificate","level":4,"score":0.6215765476226807},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.595226526260376},{"id":"https://openalex.org/C93636275","wikidata":"https://www.wikidata.org/wiki/Q196776","display_name":"Certificate authority","level":4,"score":0.5837178826332092},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5803325176239014},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5615623593330383},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5136955976486206},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.4126679301261902},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.40225499868392944},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.13204023241996765},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3484768","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3484768","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W1452942402","https://openalex.org/W1708992266","https://openalex.org/W2001637908","https://openalex.org/W2013433855","https://openalex.org/W2056494114","https://openalex.org/W2104899073","https://openalex.org/W2112736324","https://openalex.org/W2122538967","https://openalex.org/W2129830111","https://openalex.org/W2130867912","https://openalex.org/W2233063544","https://openalex.org/W2442244735","https://openalex.org/W2538863639","https://openalex.org/W2551436658","https://openalex.org/W2552873532","https://openalex.org/W2612070316","https://openalex.org/W2612544399","https://openalex.org/W2625329361","https://openalex.org/W2733681384","https://openalex.org/W2754665629","https://openalex.org/W2755252385","https://openalex.org/W2794584163","https://openalex.org/W2805984568","https://openalex.org/W2899471681","https://openalex.org/W2965754636","https://openalex.org/W3008428742","https://openalex.org/W3093849846","https://openalex.org/W3094128402","https://openalex.org/W4298051233"],"related_works":["https://openalex.org/W2994213367","https://openalex.org/W2111816087","https://openalex.org/W4210686566","https://openalex.org/W2247980666","https://openalex.org/W2914672392","https://openalex.org/W2610396733","https://openalex.org/W3196529645","https://openalex.org/W1512148333","https://openalex.org/W2627063197","https://openalex.org/W4386280706"],"abstract_inverted_index":{"HTTPS":[0],"secures":[1],"communications":[2],"in":[3],"the":[4,10,16,62],"web":[5,80],"and":[6,27],"heavily":[7],"relies":[8],"on":[9,34],"Web":[11,17,31],"PKI":[12],"for":[13],"authentication.":[14],"In":[15],"PKI,":[18],"Certificate":[19],"Authorities":[20],"(CAs)":[21],"are":[22],"organizations":[23],"that":[24],"provide":[25],"trust":[26,50,78],"issue":[28],"digital":[29],"certificates.":[30],"clients":[32],"rely":[33],"public":[35,63],"root":[36,59,64,71],"stores":[37],"maintained":[38],"by":[39,55],"operating":[40],"systems":[41],"or":[42],"browsers,":[43],"with":[44],"hundreds":[45],"of":[46],"audited":[47],"CAs":[48,60],"as":[49,53],"anchors.":[51],"However,":[52],"reported":[54],"security":[56],"incidents,":[57],"hidden":[58],"beyond":[61],"programs":[65],"have":[66],"been":[67],"imported":[68],"into":[69],"local":[70],"stores,":[72],"which":[73],"allows":[74],"adversaries":[75],"to":[76],"gain":[77],"from":[79],"clients.":[81]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}