Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up
for free
HTTPS by default - no more clear
oxdef
May 23, 2017
Programming
0
9
HTTPS by default - no more clear
Phdays 2017
oxdef
May 23, 2017
Tweet
Share
More Decks by oxdef
See All by oxdef
oxdef
0
8
oxdef
0
9
oxdef
0
150
oxdef
0
110
oxdef
0
20
oxdef
0
150
oxdef
0
72
oxdef
0
76
oxdef
0
70
Other Decks in Programming
See All in Programming
boriswilhelms
0
100
77web
2
600
tosh7
0
110
bosshawk
0
500
afilina
PRO
1
270
jrfk
0
120
qnighy
0
110
makicamel
3
570
shuheiyamada
0
100
aseiide
1
220
mamy1326
12
2.7k
sat0b
0
260
Featured
See All Featured
marktimemedia
14
710
wjessup
342
16k
frogandcode
129
20k
mclloyd
PRO
6
7.5k
tanoku
91
8.9k
shlominoach
177
8.1k
gr2m
86
11k
lemiorhan
633
49k
pedronauck
655
120k
erikaheidi
28
5.1k
keathley
25
930
jnunemaker
PRO
43
4.9k
Transcript
Яндекс
Я HTTPS by default - no more clear text in
the web! Taras Ivashchenko, Product security team, Y andex ндекс
None
Global HTTPS usage
Why so slow?!
None
Forward Secrecy
HTTPS only for the auth page is not enough!
Really big project Not only web protocols Internal knowledge base
and tools Trainings Deep tech things: TLS sessions, double certificate scheme All services moved to “HTTPS by default” mode Improved world around us ;-) At Y andex
None
Q&A
Taras Ivashchenko Product security team Contacts oxdef@yandex-team.ru
oxdef
boriswilhelms
77web
tosh7
bosshawk
afilina
jrfk
qnighy
makicamel
shuheiyamada
aseiide
mamy1326
sat0b
marktimemedia
wjessup
frogandcode
mclloyd
tanoku
shlominoach
gr2m
lemiorhan
pedronauck
erikaheidi
keathley
jnunemaker
