PKI should go: A note on TLSA and DANE (Damjan Sirnik)
| February 15th, 2016Abstract:
With number of emerging new Trusted Certificate Authorities (CAs), a few not so recent CA breaches and the fact that any Trusted CA can issue certificate for any domain, there is an increasing risk of MITM attacks against users without them noticing anything. Fortunately, new standards are being proposed that are addressing these trust issues. We will look into DANE certificate pinning and how to implement it.
Bio:
Damjan Sirnik is a student at Faculty of Electrical Engineering, University of Ljubljana with experiences in systems and network security, web technologies and systems administration. These days his main interests are e-mail and web security.
Slides/Video/recordings: