- Click here if you just want to read the Paper -
In the last two posts of this series, we first introduced the governance issues in PKI and then the circular dependency between establishing trust in PKI certificates and establishing the current time on a connected device.
So let’s break that circular dependency between time and trust. The difference between trusting a person/an entity and trusting data is key here. How...
Software Defined Networking (SDN) and Network virtualization have been the disruptor technologies that were fundamental to the success of Infrastructure as a Service (IaaS) providers such as Amazon AWS, Google Cloud Compute, and Azure during the last decade. Before that, there were plenty of rival cloud providers - for most of them, changing network configurations, adding/removing machines to a network required human interaction and would take hours or sometimes days. Dedicated networking, networking...
“If you knew Time as well as I do,” said the Hatter, “ you wouldn’t talk about wasting it. It’s him.”
“ I don’t know what you mean,” said Alice.
“ Of course you don’t !” the Hatter said, tossing his head contemptuously. “ I dare say you never even spoke to Time ! Alice in Wonderland
In order to trust a time source, we need to validate its...
You may not be aware of this but if you are browsing the web or running IoT devices in your business or at your home, you are being protected by a 30-year-old security infrastructure. In this post, we will uncover the history of the internet PKI that holds most of the internet together today and highlight some of the most obvious threats and known flaws. This article is the first in a series investigating the...
In Today’s internet, the authenticity of content is secured by the internet PKI system and the domain name registries. To make it all work first the domain name server (DNS), second you - holding the certificate and the corresponding private key and third a certificate authority which signed your certificate all have to agree on the same data to create this security.
A single miss like a domain name server pointing to a different server...