Cryptographic agility is a key prerequisite for maintaining the long-term security of digital communication, particularly in light of the transition to post-quantum cryptography. To systematically assess this capability, Hohm et al. proposed the Crypto Agility Maturity Model (CAMM). In this work, we present the first evaluation of the CAMM against established design principles for maturity models. Our analysis reveals that the CAMM only partially satisfies these principles: its scope and target groups remain ambiguous; acceptance criteria are insufficiently operationalized, limiting verifiability and replicability; and dependency relations exhibit redundancies, cycles, and omissions. Applying the CAMM to a simple real-world scenario further confirmed these issues, as several requirements at higher maturity levels proved inapplicable or unclear. Based on these findings, we propose concrete improvements to the CAMM to enable more consistent and reliable assessments of cryptographic agility.This paper presents a practical evaluation of the Crypto-Agility Maturity Model, assessing organizational readiness for cryptographic transitions, particularly in the context of post-quantum cryptography. We evaluate the model’s applicability across different organizational contexts and provide insights into achieving crypto-agility.

Underground forums are thriving markets for illicit goods and services, such as data leaks. While these forums regularly come under the focus of criminal prosecution, often leading to platform shutdowns and the conviction of operators, successors emerge quickly. In this paper, we present a study of the underground forum BreachForums. BreachForums served as the successor to the popular RaidForums, survived several forum takedowns, and remained operational until June 2025. We perform the first public analysis of the leaked BreachForums database from 2022, and enrich our results with scraped data from the latest successor. This enables us to conduct a longitudinal study on the factors contributing to the forum’s resilience.

We find that the operational security of forum users, particularly Key Users selling products and services, is generally strong, making their identification challenging. However, some users involved in data leak exchanges exhibit weak operational security, which may potentially allow law enforcement to track them. Moreover, our analysis reveals that takedown efforts have a limited impact on the availability of illegal data, as externally hosted leaks remain accessible and get reposted on successor platforms. We argue that law enforcement’s current focus on arresting forum operators seems insufficient, as new platforms continue to emerge.

The Lightweight Directory Access Protocol (LDAP) is widely used to make structured data available for standardized lookup, which may sometimes include personal information or authentication credentials. Previous work, including ours, found security issues such as public LDAP servers leaking sensitive information without prior authentication and server configurations with poor communication security. However, prior work did not investigate whether, or to what extent, the identified problems are linked to hosting and management setups. In this paper, we address this gap and explore the organizations hosting publicfacing LDAP servers. We identify the network segments more likely to host LDAP instances, the products and operating systems used, and examine the management practices related to Public Key Infrastructure (PKI) setups for LDAP. In contrast to studies on Web and email, which have revealed strong centralization tendencies in deployment, we show that the LDAP ecosystem is diverse, with a wide range of different hosting networks. In this study, we identify 69.1 k LDAP instances—6.5× more than prior work—and map these to the respective LDAP products. We find that 5.8% of the servers use a product that is end-of-life or runs on a deprecated OS. We identify servers using problematic X. 509 certificates, eg, those associated with publicly known private keys. From our observations, we give recommendations for network operators to improve their security posture.

We report on the first broad analysis of real-world S/MIME certificates for digitally signing and encrypting emails. We collected more than 41 million unique X.509 certificates from public address books, i.e., LDAP servers, of which 38 million fulfill the requirements for use with S/MIME in email clients. Despite the surprisingly complex construction of trust chains for S/MIME certificates, we could build chains for a large subset of certificates and show which are trusted in widely used applications. Our results show that many of those S/MIME certificates are issued by non-publicly trusted CAs.

Our analysis of the cryptographic keys, certificate attributes, and new regulations, i.e., the CA/Browser Forum’s S/MIME Baseline Requirements, shows that the S/MIME PKI is generally heading in the right direction. Most certificates using compromised or weak key material have expired, weak cryptographic algorithms are being phased out, and CAs are generally issuing more secure certificates. However, the underlying RFCs and email clients should be more stringent about what is considered an S/MIME certificate. Additionally, CAs should improve the distribution of certificate chains to improve user experience and security.

The Lightweight Directory Access Protocol (LDAP) is the standard technology to query information stored in directories. These directories can contain sensitive personal data such as usernames, email addresses, and passwords. LDAP is also used as a central, organization-wide storage of configuration data for other services. Hence, it is important to the security posture of many organizations, not least because it is also at the core of Microsoft’s Active Directory, and other identity management and authentication services.

We report on a large-scale security analysis of deployed LDAP servers on the Internet. We developed LanDscAPe, a scanning tool that analyzes security-relevant misconfigurations of LDAP servers and the security of their TLS configurations. Our Internet-wide analysis revealed more than 10k servers that appear susceptible to a range of threats, including insecure configurations, deprecated software with known vulnerabilities, and insecure TLS setups. 4.9k LDAP servers host personal data, and 1.8k even leak passwords. We document, classify, and discuss these and briefly describe our notification campaign to address these concerning issues.