Assertion-Carrying Certificates

Waqar Aqeel, Zachary Hanif, James Larisch, Olamide Omolola, Taejoong Chung, Dave Levin, Bruce Maggs, Alan Mislove, Bryan Parno, Christo Wilson

Publikation: KonferenzbeitragPaper


Today’s TLS certificates are notoriously difficult to
augment with new features or even new options under the existing
set of features. As a result, the public key infrastructure is unable
to quickly evolve to meet new threats, new deployment consid-
erations, and new capabilities. We observe that, fundamentally,
certificates are a series of logical constraints, limiting what a
given principal is able to do. We sketch the design of assertion-
carrying certificates: certificates that can carry a small amount of
code that can dynamically add to these constraints. We present
what we believe to be the ideal goals of such a language, and
how our initial design in Prolog addresses them. We believe that
this modest change to certificates could empower a far more
evolvable certificate ecosystem.
PublikationsstatusUnveröffentlicht - 2 Juni 2020
VeranstaltungWorkshop on Foundations of Computer Security 2020 - virtuell, USA / Vereinigte Staaten
Dauer: 22 Juni 2020 → …


KonferenzWorkshop on Foundations of Computer Security 2020
KurztitelFCS 2020
Land/GebietUSA / Vereinigte Staaten
Zeitraum22/06/20 → …


Untersuchen Sie die Forschungsthemen von „Assertion-Carrying Certificates“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren