CRLite is a technology to efficiently compress revocation information for the whole Web PKI into a format easily delivered to Web users. It addresses the performance and privacy pitfalls of the Online Certificate Status Protocol (OCSP) while avoiding a need for some administrative decisions on the relative value of one... [read more]
Published 2020-01-09
CRLite is a technology proposed by a group of researchers at the IEEE Symposium on Security and Privacy 2017 that compresses revocation information so effectively that 300 megabytes of revocation data can become 1 megabyte.
[read more]Published 2020-01-09
Firefox for Android (Fennec) now supports the Web Authentication API as of version 68. WebAuthn blends public-key cryptography into web application logins, and is our best technical response to credential phishing. Applications leveraging WebAuthn gain new second factor and “passwordless” biometric authentication capabilities. Now, Firefox for Android... [read more]
Published 2019-08-05
I gave a lightning talk at our Mozilla All-Hands meeting about CRLite, a new technology for delivering revocations for the Web PKI to all clients in a very compressed form.
[read more]Published 2018-12-04
Web Authentication is now enabled in Firefox Nightly, with intent to ship in version 60.
[read more]Published 2018-01-11
On a mission to solve information security issues for the whole Internet. That, and drink coffee.
This work is licensed under a Creative Commons Attribution 4.0 International License.