座談 Panel #1

提案單位：Georgia Institute of Technology

所屬子題：
韌性網路 (Resilient Internet)

This panel will explore the role of Certificate Authorities (CAs) and Browsers in the development, operation and regulation of the Internet’s Public Key Infrastructure (PKI). PKI is a fundamental component of the global internet infrastructure that allows for secure and trusted communication, protects data integrity, and facilitates secure transactions and authentication online.

Over the past decade, inter-firm cooperation between CAs and the companies that develop Browsers have advanced effective security and transparency reforms across a growing number of PKI functions. The venue for these deliberations has been the Certificate Authority (CA) / Browser Forum, an unincorporated and volunteer led standards development organization.

This moderated panel brings together CA/Browser members and leadership alongside representatives of academia and civil society to discuss this past decade of rapid reforms and the future of the certificate ecosystem. We will delve deeper into the crucial but underexplored realm of transnational, cooperative, private-sector led governance within the CA/Browser Forum and its role in shaping the web’s Public Key Infrastructure (PKI). With a focus on the subtheme of Resilient Internet, the talk will shed light on how this industry-driven forum overcomes collective action problems to promote cybersecurity reforms.

We will also discuss issues of global inclusion and accessibility and the impact of the distribution of free certificates by Let’s Encrypt and its effect on market concentration. We would also explore the possible ramifications of EU’s electronic identification, authentication, and trust services or eIDAS on CAs and browser root stores.

Our aim through this panel is to provide a deeper understanding of the dynamics shaping self-governance in the web PKI industry, its implications for global digital governance, and the collaborative efforts to enhance web security.