| 日時(Date) |
2025年4月28日 (月) / Apr. 28th, 2025 (Mon.) 3限 (13:30--15:00) / 3rd period (13:30--15:00) |
|---|---|
| 場所(Location) | パナソニックISセミナーホール(L1), Panasonic IS Seminar Hall (L1) |
| 司会(Chair) | prof. Yuichi HAYASHI |
| 講演者(Presenter) | Takahito Yoshizawa ( Computer Security and Industrial Cryptography (COSIC) group, Electrical Engineering Dept. (ESAT), Katholieke Universiteit Leuven (KU Leuven)) |
| 題目(Title) | Browser certificate revocation-theory and reality |
| 概要(Abstract) | The default use of TLS in Internet websites has become more norm than exception in the past years. TLS relies on web server certificates that verify the validity of web sites and establish session keys to encrypt traffic between web servers and browsers. If a certificate needs to be revoked for any reason, browsers need to be aware of this situation so that they block access to this website. IETF has standardized a series of solutions to disseminate this revocation information. However, each successive solution comes with own issues. In addition, browser implementations are not uniform in its handling. As a result, the certificate revocation in websites/browsers is not effective in reality. To address this situation, the IETF’s most recent solution takes a different approach. To see the level of support of this latest standard, we have collected and analyzed a large amount of web server certificates and made an interesting observation. This presentation discusses our observation and possible future way forward to address this problem. |
| 講演言語(Language) | English |
| 講演者紹介(Introduction of Lecturer) | Takahito (Taka) YOSHIZAWA has over 30 years of industry experience in mobile communication systems. Through these years, he has contributed to all phases of development lifecycle of mobile infrastructure systems from 2G onward. He has worked for both established large multi-national companies as well as small start up companies, and gained insights of pros and cons of both environments. He has participated and actively contributed to standardization organizations such as 3GPP, and holds approx. 20 granted patents on communication systems. He received B.S. degree in information and computer science from Georgia Institute of Technology in 1992, M.S degree in Telecommunication from Southern Methodist University in 2002, and Ph.D. from Katholieke Universiteit Leuven (KU Leuven) in Belgium in 2023. As a post doc, he is currently continuing his research on security of V2X communication and Reinforcement Learning (RL) at COSIC group in KU Leuven. |