Sessions at Open Source Bridge 2010 about Security and SSL and Cryptorage on Tuesday 1st June

Your current filters are…

Clear
  • Fixing SSL security: Supplementing the certificate authority model

    by Seth Schoen

    The most common way of using SSL/TLS encryption relies on a public-key infrastructure that puts near-absolute trust in a large number of entities around the world, any one of which could accidentally or deliberately empower anyone in between us and our communication partners to impersonate any site or service and spy on all of our communications. We've seen that these certificate authorities can make mistakes. CA mistakes, or collaboration with attackers, can expose us to undetectable man-in-the-middle attacks, so we need new mechanisms to meaningfully double-check that they're doing the right thing.

    I will discuss a whitepaper and research collaboration that are exploring the available sources of information that could help address this problem.

    At 1:30pm to 2:15pm, Tuesday 1st June