CRLite - A Scalable System for Pushing All TLS Revocations to All Browsers
Offered By: IEEE via YouTube
Course Description
Overview
Explore a scalable system for pushing all TLS revocations to browsers in this 17-minute conference talk presented at the 2017 IEEE Symposium on Security & Privacy. Dive into CRLite, an efficient solution that addresses the limitations of current certificate revocation mechanisms. Learn how CRLite aggregates revocation information for all known, valid TLS certificates on the web and stores them in a space-efficient filter cascade data structure. Discover how browsers can periodically download and use this data to check for revocations in real-time without compromising security or privacy. Examine the prototype implementation processing certificates from various sources and its integration with a Firefox extension. Compare CRLite's performance to idealized browser revocation checking, and understand its low bandwidth requirements. Gain insights into topics such as TLS overview, certificate revocation lists, OCSP, browser support, Bloom filters, and the CRLite pipeline, demonstrating how complete TLS/SSL revocation checking can be achieved for all clients.
Syllabus
Intro
TLS Overview
Certificate Revocation Lists
Online Certificate Status Protocol
Browser Support
OCSP Stapling
Bloom Filters
Filter Cascade: Checking
CRLite Pipeline
Our Filter Cascade
Audit Log Distribution
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Learn Admin Fundamentals in Marketing CloudSalesforce via Trailhead Basic Cryptography and Programming with Crypto API
University of Colorado System via Coursera User Authentication & Authorization in Express
Codecademy Introduction to Web Authentication
World Wide Web Consortium (W3C) via edX Escudo Digital: Ciberseguridad para Protección de Datos y Sistemas
Universidad Anáhuac via edX