Table of contents

  • This session has been presented December 19, 2025 (11:00 - 12:00).

Description

  • Speaker

    Romain Laborde - University of Toulouse

The padlock shown in the URL bar of our favorite web browser indicates that we are connected using a secure HTTPS connection and providing some sense of security. Unfortunately, the reality is slightly more complex. The trust model of the underlying Web PKI is invalid, making TLS a colossus with feet of clay. In this talk, we will dive into the trust model of the web PKI ecosystem to understand its weaknesses. Based on the research conducted in my team, I will demonstrate that, from the perspective of trust, each step of the certificate validation process is extremely complex, leaving users uncertain about whether or not they are connected to the correct web server.

Next sessions

  • The Design and Implementation of a Virtual Firmware Monitor

    • January 30, 2026 (11:00 - 12:00)

    • Inria Centre of the University of Rennes - Room Petri/Turing

    Speaker : Charly Castes - EPFL

    Low level software is often granted high privilege, yet this need not be the case. Although vendor firmware plays a critical role in the operation and management of the machine, most of its functionality does not require unfettered access to security critical software and data. In this paper we demonstrate that vendor firmware can be safely and efficiently deprivileged, decoupling its[…]

    • SoSysec

    • Compartmentalization

    • Operating system and virtualization

Show previous sessions
Page top