Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS by default - no more clear
Search
oxdef
May 23, 2017
Programming
0
32
HTTPS by default - no more clear
Phdays 2017
oxdef
May 23, 2017
Tweet
Share
More Decks by oxdef
See All by oxdef
How to improve software security with OWASP open source initiatives
oxdef
0
200
Keynote at ZeroNights X (2021)
oxdef
0
170
Security Culture: Here be Hackers
oxdef
0
520
OWASP Top 10 - 2017 What’s inside?
oxdef
0
580
И разработчик станет хакером!
oxdef
0
43
Implementing Content Security Policy at a Large Scale
oxdef
0
600
Security in developer’s life: knowledge is power
oxdef
0
360
Web Application Security: future standards and technologies
oxdef
0
370
Content Security Policy - the panacea for XSS or placebo?
oxdef
0
400
Other Decks in Programming
See All in Programming
Composerが「依存解決」のためにどんな工夫をしているか #phpcon
o0h
PRO
1
330
PipeCDのプラグイン化で目指すところ
warashi
1
290
Azure AI Foundryではじめてのマルチエージェントワークフロー
seosoft
0
190
AI コーディングエージェントの時代へ:JetBrains が描く開発の未来
masaruhr
1
200
A full stack side project webapp all in Kotlin (KotlinConf 2025)
dankim
0
130
チームのテスト力を総合的に鍛えて品質、スピード、レジリエンスを共立させる/Testing approach that improves quality, speed, and resilience
goyoki
5
1k
Modern Angular with Signals and Signal Store:New Rules for Your Architecture @enterJS Advanced Angular Day 2025
manfredsteyer
PRO
0
240
#kanrk08 / 公開版 PicoRubyとマイコンでの自作トレーニング計測装置を用いたワークアウトの理想と現実
bash0c7
1
900
レベル1の開発生産性向上に取り組む − 日々の作業の効率化・自動化を通じた改善活動
kesoji
0
270
GPUを計算資源として使おう!
primenumber
1
200
#QiitaBash MCPのセキュリティ
ryosukedtomita
1
1.5k
生成AI時代のコンポーネントライブラリの作り方
touyou
1
260
Featured
See All Featured
4 Signs Your Business is Dying
shpigford
184
22k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
22k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Mobile First: as difficult as doing things right
swwweet
223
9.7k
Agile that works and the tools we love
rasmusluckow
329
21k
A Tale of Four Properties
chriscoyier
160
23k
Embracing the Ebb and Flow
colly
86
4.7k
What's in a price? How to price your products and services
michaelherold
246
12k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
A Modern Web Designer's Workflow
chriscoyier
695
190k
Why Our Code Smells
bkeepers
PRO
336
57k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
980
Transcript
Яндекс
Я HTTPS by default - no more clear text in
the web! Taras Ivashchenko, Product security team, Y andex ндекс
None
Global HTTPS usage
Why so slow?!
None
Forward Secrecy
HTTPS only for the auth page is not enough!
Really big project Not only web protocols Internal knowledge base
and tools Trainings Deep tech things: TLS sessions, double certificate scheme All services moved to “HTTPS by default” mode Improved world around us ;-) At Y andex
None
Q&A
Taras Ivashchenko Product security team Contacts
[email protected]