Keynote – Closing the TLS Authentication Gap, by Steve Dispensa and Marsh Ray. When discovered in late 2009, the SSL and TLS Authentication Gap vulnerability was a serious vulnerability involving how web servers use SSL and TLS. The flaw allowed an active man-in-the-middle attacker to inject arbitrary content into an encrypted data stream. Dispensa and Ray described the TLS Authentication Gap as representing “One of the most complex security disclosure processes in recent years.” They discussed the discovery of the flaw, provided a technical overview and demonstrations, and then discussed the rationale and lessons learned in coordinating the disclosure.