What The x.509 Is Wrong With Gmail?

What The x.509 Is Wrong With Gmail?

You don’t often stop to think about x.509 and the Public Key Infrastructure (PKI) that authenticates our Internet connections. Allow me to explain why you should. Transport Layer Security (TLS) uses x.509 certificates to authenticate connections. In your every-day use...
Implementing Mozilla Persona

Implementing Mozilla Persona

Mozilla Persona is decentralized sign-in protocol. (Actually, the protocol is named BrowserID, but Mozilla rebranded their implementation to confuse everyone. It worked.) It uses e-mail-like identifiers and public-key authentication to validate identity assertions....
The Password Must Die

The Password Must Die

Passwords are everywhere. We have too many of them. We know we shouldn’t re-use them, but we already have too many and we can’t remember another one. So we use one in multiple places and we get in trouble when one website is compromised. They cost us time and money...