Original upload date: Sat, 02 Nov 2013 00:00:00 GMT
Archive date: Wed, 01 Dec 2021 17:38:46 GMT
Moxie Marlinspike - SSL And The Future Of Authenticity
In the early 90's, at the dawn of the World Wide Web, some engineers at Netscape developed a protocol for making secure HTTP requests, and what t
...
hey came up with was called SSL. Given the relatively scarce body of knowledge concerning secure protocols at the time, as well the intense pressure that everyone at Netscape was working under, their efforts can only be seen as incredibly heroic. But while it's amazing that SSL has endured for as long as it has, some parts of it -- particularly those concerning Certificate Authorities -- have always caused some friction, and have recently started to cause real problems. This talk will examine authenticity within SSL, shed new light on the current problems, and cover some new strategies for how to move forward.