CA failures and the future of Web authentication (EN)
In 2011, a number of Certification Authorities suffered catastrophic failures which showed that the SSL CA system, a cornerstone of the secure Web, has been undermined by attackers and corporate greed. These failures and malpractices may well lead to the eventual downfall of SSL certificates as we know them.
This talk will summarize the events which transpired last year (and continue to pop up in 2012) and show which alternatives are currently in the making. It will introduce concepts like DANE, Convergence, Sovereign Keys and show some interesting info about SSL certificates "in the wild".
Return to program overview