Certificate Authorities

Entities in a Public Key Infrastructure that issue X.509 certificates binding public keys to identities. CAs are a single point of trust whose aggregation of implementation-dependent parsing, naming, and OID choices has produced a long tail of signature-transfer, name-confusion, and EKU-bypass attacks.

In this vault

• PKI Layer Cake - Kaminsky Patterson Sassaman
• Parser Differential
• LangSec