TLS has secured the internet for decades, but it has a major limitation: because TLS relies on symmetric encryption, data cannot simply be shared with a third party. As a result, most Web data remains locked inside centralized silos. HTTPS provides authenticity and confidentiality, but not verifiable provenance, leaving applications to rely on screenshots, scraped HTML, or centralized access control mechanisms such as OAuth.

zkTLS changes this. Using MPC-TLS and zero-knowledge techniques, zkTLS allows a client to produce cryptographically verifiable proofs and attestations of real HTTPS sessions. This makes previously inaccessible user data portable, trustworthy, and reusable across applications. Importantly, zkTLS places the user in control: the user decides what to disclose, without exposing secrets (e.g. authentication tokens) or revealing unnecessary fields in a response.

In this talk, we will: * explain how zkTLS works at a protocol level (MPC-TLS, transcript commitments, zero-knowledge) * present real-world use cases * discuss security and trust assumptions * demonstrate TLSNotary running in the browser, generating proofs from private HTTPS requests

Attendees will see how zkTLS provides a practical path toward user-controlled data provenance, enabling open innovation on top of the world’s existing HTTPS infrastructure.