Certificate Pinning For The Rest Of Us (mrmcd19)
Chaos Computer Club - archive feed · Heurekus
September 13, 201927m 12s
Audio is streamed directly from the publisher (cdn.media.ccc.de) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
A talk about the utterly broken chain of trust of SSL/TLS certificates and certificate pinning in the browser as a means to take back control.
Web browser developers have been betrayed by the SSL/TLS chain of trust more than once in the past. As a result they are now pinning their own certificates which means that they only trust a particular issuer. This talk gives an overview how the chain of trust works, of potential attack vectors, presents remedies that were tried and explains why they were largely unsuccessful. Finally a solution is presented how the rest of us can also regain control with a Firefox plugin that pins certificates of our choosing and warns when nasty things happen.
about this event: https://talks.mrmcd.net/2019/talk/H8XDK8/
Topics
mrmcd191842019