Google Trust Services (GTS)

I led the development of Google Trust Services' ACME CA as a software engineer, tech lead, and TLM (tech lead manager). Work began by creating an internally-facing ACME-based CA and automating existing issuance flows by using specially-designed ACME challenges. Next we worked on adding complete RFC 8555 support with standard domain validation challenges and many extra features. We built support for IP address validation, SXG certificates, multiple perspective issuance corroboration (MPIC), adjustable certificate lifetimes, ACME Renewal Information (ARI), ACME CAA extensions, and even S/MIME.

Eventually we were able to open up our CA to the public for free and work towards standardization of one of the internal challenges I co-authored (Scoped DNS challenges) to help increase the resilience of the web PKI. The ecosystem needs multiple interchangeable CAs to be resilient. For instance, when there is an issue with a certificate and it needs to be revoked, the CA will often wait until the certificate has been renewed to avoid causing an outage, but reissuance is not always immediately possible. CAs may have to disable issuance to correct an underlying problem with the software or perhaps there are merely too many certificates that need to be renewed at once and the system becomes overloaded e.g. Heartbleed. Multiple CAs can distribute the load and ensure renewal and revocation can happen quickly. ARI can make this process seamless. Finally, increased issuance throughput and availability enables security improvements like truly short-lived certificates ( less than 10 days). You do not have to worry about the efficacy [1, 2, 3] of revocation if authorization is proven every few days and your keys are constantly rotating. GTS has grown to be the fourth largest CA by issuance volume.

In addition to my duties as TLM of the software team, I was placed on GTS' Policy Authority in June of 2022 providing research, guidance, and decisions on policy matters as well as being tasked with handling some of our most critical incident responses [4, 5].

Blog Post: Public API Launch
Book Chapter: Case Study: Designing, Implementing, and Maintaining a Publicly Trusted CA

Let's Encrypt

One of the worst problems with HTTPS in 2015 was that it wasn't adopted widely enough. Let's Encrypt helped change this by offering free certificates from an automated, trusted CA. It changed a set up process that would take hours of time and $50-$100 every year to be automatic and free and Let's Encrypt has become the largest CA in the world. I was on the founding team and was privileged to work alongside J. Alex Halderman, Peter Eckersley, Seth Schoen, Eric Rescorla, Josh Aas, and Richard Barnes. I worked on Let's Encrypt from March 2012 through November 2015 with the University of Michigan and as an EFF Technology Fellow from October 2014 to October 2015. I was a co-author on the protocol, ACME, RFC 8555, was the lead maintainer of Certbot and handled many communications while at the University of Michigan and EFF.

Blog Posts: Freedom To Tinker, EFF Blog Post
Videos: DEFCON Talk, My Original Demo Video
Academic Paper: Let’s Encrypt: An Automated Certificate Authority to Encrypt the Entire Web
Select News Articles: Washington Post, CNET