Who Watches the Watchers in Web PKI?
Date: Wednesday, May 22, 2019
Time: 2:00 PM to 3:00 PM
Event Type: Seminar
Room Description: Hewlett Room
Host: Alin Tomescu, MIT
Contact: Ioan A Tomescu Nicolescu, firstname.lastname@example.org
Speaker URL: None
email@example.com, firstname.lastname@example.org, email@example.com
TALK: Who Watches the Watchers in Web PKI?
Since the dawn of time (well, Web PKI), certificates have been used to ensure that internet users are actually talking to the websites they think they are. Since the dawn of time (a.k.a. the mid-90s) Certificate Authorities have been trusted to Do The Right ThingTM when issuing these certificates, and watch out for baddies trying to get their hands on certificates for domains they don’t own. But what if a CA makes issuance mistakes? What if a CA is hacked? What if a CA is run by the baddies themselves?! Who watches the watchers?
Enter: Certificate Transparency.
Certificate Transparency is the latest internet security superhero. Power: detecting certificate misissuance and certificate authority misbehaviour (oooh yeah).
But seriously, capes and wearing-undies-over-skin-tight-lycra aside, what exactly is Certificate Transparency? How does it work? Why should you care? Is it even helping? Come along to this talk and find out!
Kat is a Software Engineer on the Trust Fabric team at Google, where she is currently focusing on building infrastructure to ensure actors within the Certificate Transparency ecosystem are operating in line with the Chrome Certificate Transparency Log Policy.
Prior to Google, Kat was a Research Engineer in the Networks and Systems research group at UCL. Kat has an MSc in Information Security from UCL, and a BSc (Hons) in Mathematics from Dalhousie University. In her spare time Kat loves to ski, swim, read, and play various musical instruments, with varying levels of success!
Security & Cryptography, Systems & Networking
Created by Ioan A Tomescu Nicolescu at Saturday, April 27, 2019 at 11:39 AM.