uPKI: improving certificate revocation on Linux | Ubuntu Summit 26.04
What is uPKI? While web browsers automatically check if an HTTPS certificate has been revoked, other Linux command-line tools and applications usually skip this check. That leaves applications vulnerable to compromised or misissued certificates many months after this is discovered. In their talk, Joe Birr-Pixton and Dirkjan Ochtman will be introducing uPKI: a new effort to bring browser-grade certificate infrastructure to Linux. This effort is funded by Canonical, engineered by the maintainers of rustls, and builds on foundational work from Mozilla.