Everything you always wanted to know about Certificate Transparency: (but were afraid to ask)

Presented at 33C3 (2016), Dec. 27, 2016, 11:30 a.m. (60 minutes).

Certificate transparency - what is it, and what can be done with it?

Certificate Transparency is the new kid on the block of TLS. Specified as RFC6962 it is designed to prevent fraudulently issued TLS certificates, and detect wrongdoing from Certificate Authorities.

This talk will present Certificate Transparency in full details. Beginning from the attacks it prevents, key players and threat models, we will dive into the public data that is readily available and present ideas how to enhance its ecosystem as a whole.


Presenters:

  • Martin Schmiedecker
    ... is researcher for computer security and digital forensics in Vienna. Works for SBA Research. Member of C3Wien.

Links:

Similar Presentations: