Posts
-
2023-10-21
Web PKI Revocation is Broken (but we can fix it!)
The web public key infrastructure is used to secure HTTPS connections between browsers and websites using certificates. Today, when something goes wrong, browsers can’t reliably find out those certificates have been revoked. We examine past and future solutions to this problem, and how we can make progress on fixing revocation.
... -
2023-09-29
The S in HTTPS
I gave a talk for the Infrastructure Club, introducing how we communicate securely online.
... -
2020-05-04
Operationalizing SPIRE at Square
At the Spring 2020 SPIFFE community day, I gave a talk about my work to take our SPIRE deployment from a prototype to production software we relied on.
... -
2019-11-23
Colliding the sum checksum
The
...sum
command-line tool is a simple checksum utility included in BSD and GNU Coreutils. It is not a cryptographically secure hash, and so I wrote a tool to set thesum
of a file to an arbitrary value. -
2019-10-23
Blog
I have decided to set up a blog to organize and share things I do, just like everyone else’s blogs. I’ve made several decisions in how I’d like my blog to work.
...