HTTPS is the most commonly used cryptographic protocol on the Internet. It protects communication content and provides endpoint authenticity at scale. However, deploying HTTPS in a truly secure fashion can be a challenging task even for experienced admins. To explore why this is the case and how these challenges can be fixed in order to support an even wider adoption, we conducted a user study, which was presented at USENIX Security 2017.
(Securing the Internet, One HTTP 200 OK at a Time, Wilfried Mayer, Katharina Krombholz, Martin Schmiedecker,and Edgar Weippl, Login, Usenix 2017, Vol 42, No 4)