Every day, we rely on our web browsers to keep our communications secure. Whether we are submitting our credit card for purchases, doing online banking, or sending email, the same fundamental security structure is being used. The lock icon displayed by web browsers might give users reason to believe that the prevailing "certificate"-based model is trustworthy, the reality is that many vulnerabilities exist, and the risks are multiplying. Hundreds of different entities located around the world have the ability to issue fraudulent certificates that will nevertheless be trusted by our browsers. Overcoming the shortcomings in the current model and working toward a better model requires cooperation of corporations, the government, developers, and users. Many of the most difficult challenges are not technical in nature but rather social or political.
Andrew McLaughlin, White House Deputy CTO, Internet Policy
Panelists and Respondents:
Peter Eckersley, Senior Staff Technologist, Electronic Frontier Foundation
Adam Langley, Google
Scott Rea, Senior PKI Architect, DigiCert
Ari Schwartz, Senior Internet Policy Advisor, National Institute of Standards and Technology
Paul Vixie, President, Internet Software Consortium
Hosted by Princeton's Center for Information Technology Policy and the New America Foundation
This event is free and open to the public.