Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to trust a connection or not. Little is known about perceptions of flawed certificates by IT professionals, even though their decisions impact high numbers of end users. Moreover, it is unclear how much the content of error messages and documentation influences these perceptions. To shed light on these issues, we observed 75 attendees of an industrial IT conference investigating different certificate validation errors. We also analyzed the influence of reworded error messages and redesigned documentation. We find that people working in IT have very nuanced opinions, with trust decisions being far from binary. The self-signed and the name-constrained certificates seem to be over-trusted (the latter also being poorly understood). We show that even small changes in existing error messages can positively influence resource use, comprehension, and trust assessment. At the end of the article, we summarize lessons learned from conducting usable security studies with IT professionals.
翻译:在互联网上,平坦的 TLS 证书并不罕见。 虽然它们表明了一个潜在的问题, 但在大多数情况下, 它们都有好的原因( 例如, 配置错误或者甚至故意部署 ) 。 这增加了关于是否信任连接的决定的模糊性。 虽然IT专业人员的决定对终端用户的影响很大, 但他们对有缺陷的证书的看法却鲜为人知。 此外, 错误消息和文件的内容有多少影响这些看法还不清楚。 为了澄清这些问题, 我们观察到75名参加工业IT会议的人调查不同的证书验证错误。 我们还分析了重新措辞错误消息和重新设计文件的影响。 我们发现, 信息技术工作者的意见非常微妙, 信任决定远非二进制。 自我签名和名称限制证书似乎过于信任( 后者也不太为人所知 ) 。 我们显示,即使现有错误信息的小改动也能积极影响资源使用、 理解 和 信任 评估 。 在文章结尾, 我们总结了与信息技术专业人员进行可用安全研究的经验教训 。