What is SSL, a CA and FreeCert?

Presented at DEF CON 9 (2001), July 14, 2001, noon (50 minutes)

The goal of FreeCertis to provide free or low-cost certificate authority services to individuals and organizations with limited budgets, as well as raise awareness of the services that CA's actually provide.

Many users of the Internet today are unaware of what role a CA plays in the process of secure website viewing. In my presentation, I intend to give a brief explanation of how SSL works and what it is that a CA does. I will explain what the browser warning messages mean to the user, and what to do when encountering them. I will discuss the dangers of trusting CAs, and methods of ensuring that certificates are valid when the CA cannot be ultimately trusted.

Following this, I will present details about FreeCert: what it does and does not intend to accomplish, who can benefit from it, and how it will execute these goals. Information on becoming involved in the development of FreeCert will be provided, and questions about FreeCert will be answered.

Presenters:

• Len Sassaman - Security Architect Technology Consultant
  Len Sassaman is a Systems Engineer for PDC Solutions, Inc. His primary focus is information security, specializing in email security and anonymity services. Len is an anonymous remailer operator, a member of The Shmoo Group, and a CryptoRights Foundation staff member.

Links:

• https://defcon.org/html/defcon-9/defcon-9-speakers.html#Len Sassaman
• https://infocon.org/cons/DEF CON/DEF CON 9/DEF CON 9 video/DEF CON 9 - Len Sassaman - What is SSL a CA and FreeCert.mp4
• https://www.youtube.com/watch?v=y3BAfiQN8Lk

Similar Presentations:

• 32C3 (2015) / Let's Encrypt -- What launching a free CA looks like
• 31C3 (2014) / Let's Encrypt: A Free Robotic Certificate Authority
• DEF CON 17 (2009) / Criminal Charges are not pursued: Hacking PKI