PKI for the People will be presented in public for the first time at DEFCON Demo Lab on August 6th, 2016. Check out our introduction for an eye-opener.... even if you are not a techie!
10. Security is a chain; it's only as strong as the weakest link.
The security of any CA-based system is based on many links and
they're not all cryptographic. People are involved.
-Bruce Schneier on PKI
OneLegitQuote:
11. PKI for the People is a movement
with a tangible benefit:
Analertsystem
for the state of the global trust.
12. It is an open source tool using
a peer-to-peer network
based on a mobile and desktop app.
14. This node net is used to
audit/monitor changes to the
global security infrastructure.
In real-time.
Thisincludes:
DNS records
IP addresses
Domain names
Certificate IDs
Public roots
15. The device will sign these
certificates records with a
unique server identifier
(assigned to the specific mobile or
desktop application).
The application will query
the top 1000 websites to
receive their public-facing
certificates.
Step1
Step2
16. The application will discover other network nodes.
It will validate each public certificate with other members of the network.
This generates blockchain-based cryptographic security assertions.