Hello! I’m a software engineer and manager working on the Google Chrome web browser. I lead Chrome’s “Trusty Transport” team. We provide a foundation of trustworthy, understandable encrypted and authenticated connections for the web. We work on HTTPS certificate verification, ecosystem improvements like Certificate Transparency, the TLS stack, and connection security UX (such as site identity in the address bar and certificate warnings). I also co-lead a cross-functional virtual team of usable security experts who provide consulting and security reviews across Chrome. Much of my work involves quantitative field research about how Chrome’s security features work. Some of my major Chrome projects have included: promoting HTTPS adoption, improving and resolving unnecessary HTTPS certificate errors, building tools to help developers roll out more secure configurations, and building new warnings for spoofy domains.

I’ve worked on Chrome for about 7 years. Before that, I was a core developer on Meteor, a JavaScript application framework.

I received my bachelor’s degree from Stanford University and master’s degree from MIT (both in computer science). As a student, most of my research centered on deploying client-side cryptography in web applications. I still stay involved in the academic research community by publishing papers about my work on Chrome and serving on program committees.

Other places on the web you can find me:

You can read popular press about my work here, here, and here.

Outside of work, I live with my spouse and two sons in the San Francisco Bay Area. I enjoy baking, reading, yoga, and hiking in my free time.