Overview
Syllabus
Intro
What happens to your trust when you know that there are copies of your door key?
PHYSICAL copies do not scale. DIGITAL copies scale. And every copy is perfect!
How do we detect copies of private keys from the outside?
Measure: TLS handshake time
Q.E.D. THERE ARE COPIES OF KEYS!
Q.E.D THERE ARE COPIES OF KEYS!
CA Certificates PKI are only built to maintain the integrity of the public keys!
The integrity of the private key is untouched by the CA/PKI infrastructure
Conclusion: THE WEAKEST LINK is THE PRIVATE KEY of our partner
QUESTION: Is there a solution to maintain the private keys integrity along the PKI implementations?
Taught by
JSConf