We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Lets Encrypt Minting Free Certificates to Encrypt the Entire Web

6
 Zitieren
 Teilen
 Herunterladen
 Bestellen
Kein Logo verfügbarDEF CON
 Eckersley, Peter Kasten, James Yan

Formale Metadaten

Titel
Lets Encrypt Minting Free Certificates to Encrypt the Entire Web
Serientitel
Anzahl der Teile
109
Autor
Lizenz
CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
Identifikatoren
Herausgeber
Erscheinungsjahr
Sprache

Inhaltliche Metadaten

Fachgebiet
Genre
Abstract
Let's Encrypt is a new certificate authority that is being launched by EFF in collaboration with Mozilla, Cisco, Akamai, IdenTrust, and a team at the University of Michigan. It will issue certificates for free, using a new automated protocol called ACME for verification of domain control and issuance. This talk will describe the features of the CA and available clients at launch; explore the security challenges inherent in building such a system; and its effect on the security of the CA marketplace as a whole. We will also update our place on the roadmap to a Web that uses HTTPS by default. Speaker Bios: Peter Eckersley is Chief Computer Scientist for the Electronic Frontier Foundation. He leads a team of technologists who watch for technologies that, by accident or design, pose a risk to computer users' freedoms—and then look for ways to fix them. They write code to make the Internet more secure, more open, and safer against surveillance and censorship. They explain gadgets to lawyers and policymakers, and law and policy to gadgets. Aside from Let's Encrypt, Peter's other work at EFF has included privacy and security projects such as Panopticlick, HTTPS Everywhere, SSDI, and the SSL Observatory; helping to launch a movement for open wireless networks; fighting to keep modern computing platforms open; and running the first controlled tests to confirm that Comcast was using forged reset packets to interfere with P2P protocols. Peter holds a PhD in computer science and law from the University of Melbourne. James Kasten is a PhD candidate in Computer Science and Engineering at the University of Michgan and a STIET fellow. James is also a contractor at the Electronic Frontier Foundation. His research focuses on practical network security and PKI. James has published on the state of TLS, its certificate ecosystem and its vulnerabilities. Most notably, James has helped design the protocol and launch the technology behind Let's Encrypt. Yan is a security engineer at Yahoo, mostly working on End-to-End email encryption and improving TLS usage. She is also a Technology Fellow at EFF and a core developer of Let's Encrypt, HTTPS Everywhere, Privacy Badger Firefox, and SecureDrop. Yan has held a variety of jobs in the past, ranging from hacking web apps to composing modern orchestra music. She got a B.S. from MIT in 2012 and is a proud PhD dropout from Stanford. Yan has been a speaker at HOPE, DEFCON 22, jQuerySF, Real World Crypto, SXSW, and various other human gatherings. She is @bcrypt on Twitter.