slides/2018-ct-intro/src/ct.tex


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

\begin{frame}
  \frametitle{Certificate Transparency (CT) to the resque}
  \centering
  \begin{columns}
    \begin{column}{0.55\textwidth}
      \begin{itemize}
        \item Publicly log all certificates
        \item Clients require proof of logging
        \item Anyone can inspect the logs
        \item Goal is to \alert{detect} mis-issuance
      \end{itemize}
    \end{column}
    \begin{column}{0.49\textwidth}
      \includegraphics[width=\textwidth]{img/ct}
    \end{column}
  \end{columns}
  \vfill
  \scriptsize{\url{https://www.certificate-transparency.org/what-is-ct}}
\end{frame}

\begin{frame}
  \frametitle{Adoption status of CT among common platforms}
  \begin{columns}
    \begin{column}{0.33\textwidth}
      \centering
      \includegraphics[width=0.75\textwidth]{img/chrome-logo}
      \\incrementally
    \end{column}
    \begin{column}{0.33\textwidth}
      \centering
      \includegraphics[width=0.75\textwidth]{img/apple-logo}
      \\incrementally soon
    \end{column}
    \begin{column}{0.33\textwidth}
      \centering
      \includegraphics[width=0.75\textwidth]{img/firefox-logo}
      \\unclear
    \end{column}
  \end{columns}

  \vfill
  \begin{itemize}
    \item Clients require at least two promises of log inclusion
    \item Log is trusted until auditing hits deployment
  \end{itemize}
\end{frame}

\begin{frame}
  \frametitle{Who are the log operators?}
  \centering
  \begin{columns}
    \begin{column}{0.59\textwidth}
      \begin{itemize}
        \item Google Chrome includes 27 different CT logs
        \item Three logs found cheating while auditing (mistakes)
          \begin{itemize}
            \item Same key for test and production log (Izenpe)
            \item Time rollback after power outage (Venafi)
            \item Invalid promises of log inclusion (Cloudflare)
          \end{itemize}
      \end{itemize}
    \end{column}
    \begin{column}{0.39\textwidth}
      \begin{tabular}{c|c}
        Log operator & Number of logs \\
        \toprule
        DigiCert    & 10 \\
        Google      & 9 \\
        Cloudflare  & 4 \\
        Comodo      & 2 \\
        CNNIC       & 1 \\
        Venafi      & 1 \\
        \bottomrule
      \end{tabular}
    \end{column}
  \end{columns}
\end{frame}