Click the star to add/remove an item to/from your individual schedule.
You need to be logged in to avail of this functionality.

Accepted Paper:

Protocol practice and materiality: TLS and the organization of trust  
Paul Gebelein

Paper short abstract:

The protocol Transport Layer Security (TLS) enables secure communication on the Internet. It uses an arrangement of certificate authorities to validate client/server communication. This talk focuses on how TLS is used in practice and carves out the protocols materiality.

Paper long abstract:

The SSL/TLS protocol plays an important role in the Internets security arrangement, which is an important part of Internet governance (DeNardis 2014). Internet users rely on this protocol everyday for e-commerce, E-mail, data transfer etc. In practically any case in which a secure and reliable client/server connection is needed SSL/TLS is employed nowadays. This becomes more and more important as the demand for secure data transfer is on the rise.

SSL/TLS uses certificates based on asymmetric encryption and the concept of public key infrastructures (PKI) to validate connections and communication partners. In order to make this process actually work in practice a rather complex arrangement of (semi-)private and state actors who act as certificate authorities and vouch for the identity of server/websites on one hand and users (browser-vendors, app-producers, E-Mail providers etc.) who decide to accept certificates or not on the other hand has emerged. At its core this arrangement organizes trust based on the materiality of the protocol.

The talk uses the concept of materiality to carve out governance processes here in two ways. Firstly how the materiality of the protocol sets the space in which actors appropriate SSL/TLS while the protocol itself is defined by technological possibilities and constraints inscribed via standardization documents (i.e. RFCs) and technological concepts (i.e. PKI). Secondly how the arrangement of certificate authorities and organized users in practice could be understood as an information infrastructure materializing and therefore making visible the governance of secure Internet connections on the web.

Panel T001
Materializing governance by information infrastructure
  Session 1 Thursday 1 September, 2016, -