My talk will be about the life that protocols acquire once they start evolving in a competitive environment. Why is the CA infrastructure so totally broken? Why are the APIs of hardware security modules almost unfixable? The answer, I will argue, is that the interface between the crypto layer and the comsec layer is becoming unmanageable because of conflicts of interest, governance failures at scale, asymmetric information and assorted externalities - in other words, a bundle of security-economics issues.
展开▼