Presented by:

De6a19c02325864e550c9ab3b12b0fd1

Jacob Hoffman-Andrews

from EFF / Let's Encrypt

Jacob is a lead developer on Let's Encrypt, the free and automated Certificate Authority. He also works on EFF's Encrypt the Web initiative and helps maintain the HTTPS Everywhere browser extension.

Prior to working at EFF, Jacob was on Twitter's anti-spam and security teams. On the security team, he implemented HTTPS-by-default with forward secrecy, key pinning, HSTS, and CSP. On anti-spam, he deployed new machine-learned models to detect and block spam in realtime. Before Twitter, he worked at Google, variously on the maps, transit, and shopping teams.

In January 2018, Frans Rosen found a vulnerability in TLS-SNI-01, a validation method used by Let’s Encrypt and other CAs. Over the past year, Let’s Encrypt and Certbot have been working to deprecate the method and migrate clients. We’ll talk about what went well, what could have gone better, and the challenges of distributing up-to-date software to a wide variety of operating systems.

Date:
Duration:
45 min
Room:
Conference:
LinuxFest Northwest 2019
Language:
Track:
Security
Difficulty:
Medium