Convergence (SSL)

Convergence claims to be an agile, secure, and distributed strategy for replacing SSL Certificate Authorities.^[1]^[2]^[3] Moxie Marlinspike released it in August 2011 while giving a talk titled "SSL And The Future Of Authenticity" on stage at the BlackHat security conference.^[4] It is currently a Firefox addon and a server-side notary daemon.

In the talk, Moxie Marlinspike proposes that all of the current problems with the CA system can be reduced to a single missing property, called "Trust Agility," which Convergence is designed to provide.

Background

Convergence is based on previous work from the Perspectives Project at Carnegie Mellon University. Like Perspectives, Convergence authenticates connections by contacting external notaries, but unlike Perspectives, Convergence notaries can use a number of different strategies beyond network perspective in order to reach a verdict.

References

^ "Convergence website". http://convergence.io/.
^ "InformationWeek: New SSL Alternative: Support Grows For Convergence". http://www.informationweek.com/news/security/management/231700001.
^ "NetworkWorld: The SSL certificate industry can and should be replaced". http://www.networkworld.com/news/2011/101211-ssl-moxie-marlinspike-251882.html?hpg1=bn.
^ "SSL And The Future Of Authenticity". http://www.youtube.com/watch?v=Z7Wl2FW2TcA.

External links

[1] - Convergence website.
[2] - Convergence project page.