WebPKI Corporate Course

Topic in the Course #

• What are certificates and why are they needed?
• PKI and trust hierarchies
• Domain ownership validation on the web
• Certificate revocation — why it is needed
• Certificate revocation mechanisms: CRLs, OCSP, vendor-specific revocation
• Certificate trust levels
• Qualified web authentication certificates (QWACs)
• DANE, CAA
• Public key pinning
• Certificate transparency
• Outlook on revocation: CRLite

Objectives #

After the course, participants:

• understand what a PKI is, and why the web needs one,
• understand why digital trust establishment is a hard problem,
• understand the tools used in today’s webPKI, and
• can evaluate new approaches to trust management independently.

Duration and Language #

I offer this course in lengths between 60 and 90 minutes.
Teaching is in English, German, or Dutch.

Interested? #

You can request this course by contacting me.