This is an idea proposed in 2014 as a Cambridge Computer Science Part II project, and has been completed by Johann Beleites. It was supervised by David Sheets and Anil Madhavapeddy as part of my Unikernels project.

Summary

This project aimed to develop a framework that allows administrators to centrally manage trust in CAs and certificates across a large number of clients. The framework should be responsive and changes in trust should not require any software updates or reboots of client devices. Further, no cooperation from CAs or domain owners should be necessary for a security gain. Performance optimisations should be implemented such that it is usable on a daily basis and this project could integrate with other existing attempts at improving the TLS trust model.

Related Reading

• Not-Quite-So-Broken TLS

Results

A functioning framework dubbed "ConTrust" was implemented, allowing administrators to centrally manage trust for TLS certificates. It can be responsive (depending on the configuration) and does not require software updates or reboots of client devices. Some means of authenticating certificates were introduced –- including a whitelist of trusted CAs. Caches were introduced to improve performance, although more performance optimisations would be possible but were not implemented due to prioritisation of other features.

Related Ideas

• Distributed Task Scheduling Framework over Irmin
  by Mohammed Daudali in 2019 (Completed, Part II)
• A strongly consistent index for email using git and MirageOS
  by Oliver Hope cosupervised with David Allsopp in 2019 (Completed, Part II)
• CausalRPC: a traceable distributed computation framework
  by Craig Ferguson in 2018 (Completed, Part II)
• Control flow analysis for privilege separation
  by Chris Harding and Ross McIlroy cosupervised with Robert M Watson in 2011 (Completed)
• Extending 64-bit MIPS support for LLVM
  by William Morland cosupervised with Robert M Watson in 2011 (Completed)