![[Search]](/static/images/search.gif){kind=small}
![[A-Z Index]](/static/images/az.gif){kind=small}
![[Contact]](/static/images/contact.gif){kind=small}
![[University of Cambridge]](/static/images/identifier2.gif){kind=small}
![[Talks.cam]](/static/images/talkslogosmall.gif)
Joseph Bonneau, Google
Wednesday 08 May 2013, 16:15-17:15
Pins, Tacks, and Slinks: Proposals for patching PKI on the web
- đ¤ Speaker: Joseph Bonneau, Google
- đ Date & Time: Wednesday 08 May 2013, 16:15 - 17:15
- đ Venue: Lecture Theatre 2, Computer Laboratory, William Gates Building
Abstract
Abstract: The Certificate Authority (CA) system, added as an afterthought in the mid-1990s during initial development of SSL , has become a critical component for security on the web. Its faults have been become painfully clear over the past 2 years, with at least four known CA compromises which have enabled eavesdropping of real user’s web traffic with grave consequences. This talk will survey the growing menagerie of proposals patching the CA system to mitigate such failures, including HPKP , Certificate Transparency, DANE , TACK, Perspectives, and s-links. It will lay out the challenges inherent in any attempt to efficiently and securely distribute security policy on a global scale and compare several potential combinations of protocols which could be paths forward.
Bio: Joseph Bonneau is an engineer at Google New York. He completed his PhD in 2012 at the Security Group in Cambridge under Ross Anderson on human authentication.
Series This talk is part of the Computer Laboratory Security Seminar series.
Included in Lists
- All Talks (aka the CURE list)
- bld31
- Cambridge talks
- Computer Laboratory Security Seminar
- Department of Computer Science and Technology talks and seminars
- Interested Talks
- Lecture Theatre 2, Computer Laboratory, William Gates Building
- School of Technology
- Security-related talks
- Trust & Technology Initiative - interesting events
- yk449
Note: Ex-directory lists are not shown.