The case for prefetching and prevalidating TLS server certificates
Authors: E. Stark, L.S. Huang, D. Israni, C. Jackson, and D. Boneh
Abstract:
A key bottleneck in a full TLS handshake is the need to fetch and
validate the server certificate before a secure connection can be
established. We propose a mechanism by which a browser can prefetch
and prevalidate server certificates so that by the time the user
clicks on an HTTPS link the server's certificate is immediately ready
to be used to setup a TLS session. Combining this with a recent
proposal called Snap Start reduces the TLS handshake to zero round trips so
that an HTTP request can be sent over HTTPS immediately upon request.
Prefetching and prevalidating certificates improves web security
by making it less costly for websites to enable TLS and by
removing time pressure from the certificate validation process.
We implemented prefetching and prevalidation in the open-source browser Chromium, and performed extensive experiments to study the effects of four different prefetching strategies on server performance. Along the way we conducted a study of a popular certificate validation mechanism called OCSP and report on the performance and characteristics of common OCSP responders in the wild. The OCSP data collected, which is of independent interest, enabled us to evaluate the effectiveness of prefetching and prevalidating in reducing TLS handshake latency. We show a factor of four speed-up over the standard TLS handshake.
Reference:
In proceedings of the 19th Annual Network & Distributed System Security Conference (NDSS 2012)
Full paper: pdf.