Joseph Bonneau – Fixing HTTPS: CITP Luncheon Series
New models for distributing transport security policy
Traditionally, web browsers decide to trust public keys for a specific domain on the web if they are presented with a certificate signed by any of a large number of CAs built into the browser. This has long been unsatisfactory to the security community, and several recent high-profile CA compromises have motivated new thinking in this area. This talk will survey recent work in the area, framing the problem as one of reliably delivering authentic security policies for each domain to the browser. The talk will provide a broad survey of recent proposals such as Certificate Transparency, Sovereign Keys, TACK, Accountable Key Infrastructure, S-links, DNSSEC/DANE, and NameCoin.
Joseph Bonneau is a Postdoctoral Research Associate at CITP. His research interests include applied cryptography, authenticating humans, privacy and security on the web. He completed his PhD with the Security Group at the University of Cambridge Computer Laboratory, where he was a Gates Cambridge Scholar. Outside of academia he has worked in industry with Google, Cryptography Research Inc. and Yahoo!