This paper presents an in-depth analysis of the certificate validation process employed in current web browsers. It discusses the shortcomings of that process, especially those arising from inappropriate management of certificate status. Various improvements proposed so far are presented and analyzed with the aid of a threat model. The results are further enriched by some empirical studies. Finally, the outcomes of this analysis are used to sketch an extended website certificate validation process with the aim of providing better protection. Copyright © 2013 John Wiley & Sons, Ltd.