the view from a browser vendor reliable root stores
play

The view from a Browser Vendor : Reliable Root-Stores Tom Albertson - PowerPoint PPT Presentation

Oct 13, 2023 •115 likes •261 views

The view from a Browser Vendor : Reliable Root-Stores Tom Albertson Microsoft Corporation ETSI - European CA-Day 29. November 2012, Bundesdruckerei Oranienstrae 91 10969 Berlin Agenda Where We Began Where We Are Where We Are

  1. The view from a Browser Vendor : Reliable Root-Stores Tom Albertson Microsoft Corporation ETSI - European CA-Day 29. November 2012, Bundesdruckerei Oranienstraße 91 10969 Berlin

  2. Agenda • Where We Began • Where We Are • Where We Are Going

  3. In the Beginning 1. There was the Internet 2. And there was a CA (or two)… 3. We wrote some rules 4. And distributed their root certificates (in Windows) 5. The Internet Grew 6. And Grew 7. And Grew 8. Suddenly there were *lots* more CAs! 9. Everywhere! 10. So we wrote a few more rules…

  4. And Before We Knew It There were LOTS and LOTS of CAs And it was Basically Good

  5. Our Rules were Few • A few technical requirements (for our mutual protection) • A few general requirements (for our sanity as distributors) • A means of verifying that the first two requirements were true – Audit • The Same Rules for Everyone, Rigorously Enforced

  6. Then Came the Rains • ALONG CAME THE HACKERS! • WHO MESSED UP SEVERAL CAs • And harmed our customers FLAM AME RIP DIGINOTAR 1997-2011

  7. And there was a Flurry of Activity

  8. However • The attention to the Problem was Good

  9. So – Where Are We (Microsoft) Now? • Much More Aware – and Effective against Bad Certs SmartScreen Filters on Internet Explorer & Windows 8, Treating Bad Certificates = Malware

  10. Where is Microsoft Now, cont.? Much more Active (but Still Reactive) Utilizing Big Data (Bing, Windows Update, SQM) Yielding Interesting Results And Equivalent Data for SSL Sites (via Cert Tracking alpha, a la EFF – except far larger and more dynamic sample set)

  11. And we have some more Tools Automatic updater of revoked certificates ( Disallowed CTL) - KB2677070, see http://support.microsoft.com/kb/2677070 - FAST response to bad roots and intermediates - Effective Revocation within hours of release to Windows installed base * *Windows Vista and later * Provided users employ the Windows Update mechanism

  12. So, Where Should We (Microsoft) Go? (Doorway to Hell Cavern, Turkmenistan) OR…

  13. Maybe We Can Help Attack Bad Certs Technical means will have to await future announcements But based on what we’re learn we are looking at: 1. Making Changes to the Windows Root Certificate Program 2. Making qualitative distinctions between CAs a. Based on actual threat profile (threat to Windows users) b. Based on actual observed certificate activity and validity - SSL and code signing issuers - qualified certificates 3. Making recommendations on PKI network security practices (hard lessons learned)

  14. Questions, Links and Contacts • Windows Root Certificate Program http://technet.microsoft.com/en-us/library/cc751157.aspx And http://social.technet.microsoft.com/wiki/contents/articles/ 3281.introduction-to-the-microsoft-root-certificate- program.aspx KB931125 on the Auto Root Update Mechanism, http://support.microsoft.com/kb/931125 Tom Albertson, Program Manager, Trustworthy Computing (TwC) tomalb@Microsoft.com casubmit@Microsoft.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Production process press for reliable efficiency 160 m BCP and pre-tuned by vendor

Production process press for reliable efficiency 160 m BCP and pre-tuned by vendor

12 GeV Upgrade Cavities Production process press for reliable efficiency 160 m BCP and pre-tuned by vendor Receipt inspection mechanical and rf US >> Bake: 600 C, 10 hrs US >> EP: 30 m, @20 C regulated

87 views • 4 slides
Writing reliable end to end tests End to end browser tests They take a long time to run. Around

Writing reliable end to end tests End to end browser tests They take a long time to run. Around

Writing reliable end to end tests End to end browser tests They take a long time to run. Around 4-12 hours Long feedback cycles Tough to read or modify Flaky Not part of the development life cycle Unit tests are End to end important but they End

530 views • 38 slides
Feb 6: Parametric distributions What is a notebook anyway? The kernel stores the environment ,

Feb 6: Parametric distributions What is a notebook anyway? The kernel stores the environment ,

Feb 6: Parametric distributions What is a notebook anyway? The kernel stores the environment , representing variable names and their values. The notebook server listens for web requests The browser only stores the and passes them to the

490 views • 11 slides
Answer ALL of your Vendor Management Questions. 3 1 10/17/2019 Learning Objectives

Answer ALL of your Vendor Management Questions. 3 1 10/17/2019 Learning Objectives

10/17/2019 Vendor Management Fundamentals Jill Donnelly, Katie Germain, Robert Lehmann, and Karisa Stowell 1 1 Road Map NYS Vendor File Vendor Registration Vendor Maintenance eCommerce Initiative 1099 Reporting

330 views • 19 slides
ATLAS Update : I/O Developments Peter van Gemmeren (ANL) ROOT I/O

ATLAS Update : I/O Developments Peter van Gemmeren (ANL) ROOT I/O

ATLAS Update : I/O Developments Peter van Gemmeren (ANL) ROOT I/O Workshop, #3 ATLAS use of ROOT TTreeCache ATLAS stores most of its data in ROOT TTrees. RDO, ESD,

221 views • 7 slides
Key-Value Stores Key-value stores are popular. web searching, social networks, e-commerce,

Key-Value Stores Key-value stores are popular. web searching, social networks, e-commerce,

AC AC-Ke Key : Adaptive Caching for LSM-based Key-Value Stores Fenggang Wu , Ming-Hong Yang, Baoquan Zhang, David H.C. Du University of Minnesota, Twin Cities July 2020. USENIX ATC20 Key-Value Stores Key-value stores are popular. web

326 views • 16 slides
CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the

CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the

CS371m - Mobile Computing WebView and Web Services Using Built In Browser App To use the built in browser create an Intent and start the Activity 2 WebView A View that display web pages basis for creating your own web browser OR

1.28k views • 54 slides
VERB Web App / Framework View, Edit, and Run (your code) in the Browser An IDE Companion Remote

VERB Web App / Framework View, Edit, and Run (your code) in the Browser An IDE Companion Remote

VERB Web App / Framework View, Edit, and Run (your code) in the Browser An IDE Companion Remote Mobile Lightweight Quick Fully-Featured Text Editor Possible Features SCM Integration Sharing ... Kellen Donohue (kellend@{cs,uw}) , Zach

380 views • 3 slides
Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer

Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer

Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer Scientists View Linear lists are useful for serially ordered data. (e 0 , e 1 , e 2 , , e n-1 ) root leaves Days of week.

300 views • 7 slides
Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer

Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer

Nature Lovers View Of A Tree Trees leaves branches root Linear Lists And Trees Computer Scientists View Linear lists are useful for serially ordered data. (e 0 , e 1 , e 2 , , e n-1 ) root leaves Days of week.

111 views • 10 slides
Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 |

Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 |

Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 | published 22. 3. 2020 Summary Inspired by the recent push by Prusa research to design and manufacture useful items in the fi ght against coronavirus, I

239 views • 3 slides
Presentation Stand Y L N O L E D O M D 3 Seabird HH VIEW IN BROWSER updated 17. 8.

Presentation Stand Y L N O L E D O M D 3 Seabird HH VIEW IN BROWSER updated 17. 8.

Presentation Stand Y L N O L E D O M D 3 Seabird HH VIEW IN BROWSER updated 17. 8. 2020 | published 14. 8. 2020 Summary If you are looking for a presentation stand for a special object ... this one might be it!. The di ff erent 3D

482 views • 3 slides
Foamboard Poster Y L N O L E D Presentation Legs O M D 3 The3Designer VIEW IN BROWSER

Foamboard Poster Y L N O L E D Presentation Legs O M D 3 The3Designer VIEW IN BROWSER

Foamboard Poster Y L N O L E D Presentation Legs O M D 3 The3Designer VIEW IN BROWSER updated 3. 7. 2020 | published 3. 7. 2020 Summary These little and eays to print legs can be used to present a foamboard poster at a small angle.

276 views • 3 slides
PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

Mario Vuksan & Tomislav PericinBlackHat USA 2013, Las Vegas PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO CONTINUE: CONTINUE: CONTINUE: CONTINUE:

690 views • 45 slides
Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key

Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key

Certicate Transparency Root Explorer Nikita Korzhitskii Niklas Carlsson Web Public Key Infrastructure (WebPKI) Root certificates of trusted Certificate Authorities e.g. GlobalSign Root CA, Amazon Root CA, GoDaddy Root CA Root 1 Root 2

347 views • 19 slides
Optimizing the Agency/Vendor Relationship Katie Germain, Linda Herald, Robert Lehmann 1 1 Road

Optimizing the Agency/Vendor Relationship Katie Germain, Linda Herald, Robert Lehmann 1 1 Road

Optimizing the Agency/Vendor Relationship Katie Germain, Linda Herald, Robert Lehmann 1 1 Road Map Vendor Improvements Vendor Self-Service/Vendor Portal Choosing the correct vendor Location eCommerce Initiative

594 views • 41 slides
Your Kid and Technology If you would like more information on todays subject or any other

Your Kid and Technology If you would like more information on todays subject or any other

Your Kid and Technology If you would like more information on todays subject or any other family issue please feel free to contact todays presenters: Brad Flurry // bflurry@kingsland.org Bobby Cooley // bcooley@kingsland.org Kayla Self //

568 views • 30 slides
Team Zac Presentation New School Model School/BOCES Tech Center White Building Flow Chart

Team Zac Presentation New School Model School/BOCES Tech Center White Building Flow Chart

Team Zac Presentation New School Model School/BOCES Tech Center White Building Flow Chart of School Districts Services Why Model School? Up to 80 Percent back on classroom hardware and software through the 516 this depends on poverty

442 views • 7 slides
Lisa Ann Hughey, CHMM; DSWM Deputy Director Purpose of the Hazardous Waste Matrix Tool Tool to

Lisa Ann Hughey, CHMM; DSWM Deputy Director Purpose of the Hazardous Waste Matrix Tool Tool to

The Hazardous Waste Determination Matrix A Tool to Assist the Regulated Community Lisa Ann Hughey, CHMM; DSWM Deputy Director Purpose of the Hazardous Waste Matrix Tool Tool to assist generators in navigating the TN Regulations to determine

553 views • 12 slides
Turning Data from Online Sensors into information Data - Information - Knowledge - Understanding -

Turning Data from Online Sensors into information Data - Information - Knowledge - Understanding -

Turning Data from Online Sensors into information Data - Information - Knowledge - Understanding - Wisdom Snow & Flow Monitoring Water Quality Monitoring Sommer GmbH Sommer offers more than 20 years of experience in developing and

339 views • 32 slides
COMPUTERSHARE LI MI TED (ASX:CPU) FI NANCI AL RESULTS FOR THE HALF YEAR ENDED 31 DECEMBER 2011

COMPUTERSHARE LI MI TED (ASX:CPU) FI NANCI AL RESULTS FOR THE HALF YEAR ENDED 31 DECEMBER 2011

COMPUTERSHARE LI MI TED (ASX:CPU) FI NANCI AL RESULTS FOR THE HALF YEAR ENDED 31 DECEMBER 2011 22 February 2012 NOTE: All figures (including comparatives) are presented in US Dollars unless otherwise stated. The non-IFRS financial information

1.07k views • 78 slides
2013 Interim Results Presentation Mark Dixon, Chief Executive Officer Dominique Yates, Chief

2013 Interim Results Presentation Mark Dixon, Chief Executive Officer Dominique Yates, Chief

Regus plc 2013 Interim Results Presentation Mark Dixon, Chief Executive Officer Dominique Yates, Chief Financial Officer 27 August 2013 Caution statement No representations or warranties, express or implied are given in, or in respect of,

568 views • 27 slides
Di Digital M Media and He Health T Topic Gr Group mHealth Stream Stream Leader: Kathi

Di Digital M Media and He Health T Topic Gr Group mHealth Stream Stream Leader: Kathi

Di Digital M Media and He Health T Topic Gr Group mHealth Stream Stream Leader: Kathi Apostolidis - PCWP/EMA Mobile to overtake f e fixed ed I Inter ernet a access b by 2014 Mary M Meek eeker er, nalys yst, Klei einer er

442 views • 12 slides
Politics and the Pulpit by Milton Cerny Caplin & Drysdale, Chartered Another election season

Politics and the Pulpit by Milton Cerny Caplin & Drysdale, Chartered Another election season

Politics and the Pulpit by Milton Cerny Caplin & Drysdale, Chartered Another election season is upon us and with it a flurry of information and misinformation about what churches and other religious organizations can and cannot do.

659 views • 7 slides

More recommend