YoVDO

CRLite - A Scalable System for Pushing All TLS Revocations to All Browsers

Offered By: IEEE via YouTube

Tags

Web Security Courses Network Protocols Courses Bloom Filters Courses

Course Description

Overview

Explore a scalable system for pushing all TLS revocations to browsers in this 17-minute conference talk presented at the 2017 IEEE Symposium on Security & Privacy. Dive into CRLite, an efficient solution that addresses the limitations of current certificate revocation mechanisms. Learn how CRLite aggregates revocation information for all known, valid TLS certificates on the web and stores them in a space-efficient filter cascade data structure. Discover how browsers can periodically download and use this data to check for revocations in real-time without compromising security or privacy. Examine the prototype implementation processing certificates from various sources and its integration with a Firefox extension. Compare CRLite's performance to idealized browser revocation checking, and understand its low bandwidth requirements. Gain insights into topics such as TLS overview, certificate revocation lists, OCSP, browser support, Bloom filters, and the CRLite pipeline, demonstrating how complete TLS/SSL revocation checking can be achieved for all clients.

Syllabus

Intro
TLS Overview
Certificate Revocation Lists
Online Certificate Status Protocol
Browser Support
OCSP Stapling
Bloom Filters
Filter Cascade: Checking
CRLite Pipeline
Our Filter Cascade
Audit Log Distribution


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Learn Admin Fundamentals in Marketing Cloud
Salesforce via Trailhead
Basic Cryptography and Programming with Crypto API
University of Colorado System via Coursera
User Authentication & Authorization in Express
Codecademy
Introduction to Web Authentication
World Wide Web Consortium (W3C) via edX
Escudo Digital: Ciberseguridad para Protección de Datos y Sistemas
Universidad Anáhuac via edX