$30 off During Our Annual Pro Sale. View Details »

HTTPS by default - no more clear

Avatar for oxdef oxdef
May 23, 2017
Programming
0
34

HTTPS by default - no more clear

Phdays 2017

Avatar for oxdef

oxdef

May 23, 2017
Tweet

More Decks by oxdef

See All by oxdef
How to improve software security with OWASP open source initiatives
Avatar for oxdef oxdef
0
230
Keynote at ZeroNights X (2021)
Avatar for oxdef oxdef
0
190
Security Culture: Here be Hackers
Avatar for oxdef oxdef
0
540
OWASP Top 10 - 2017 What’s inside?
Avatar for oxdef oxdef
0
620
И разработчик станет хакером!
Avatar for oxdef oxdef
0
53
Implementing Content Security Policy at a Large Scale
Avatar for oxdef oxdef
0
640
Security in developer’s life: knowledge is power
Avatar for oxdef oxdef
0
380
Web Application Security: future standards and technologies
Avatar for oxdef oxdef
0
400
Content Security Policy - the panacea for XSS or placebo?
Avatar for oxdef oxdef
0
420

Other Decks in Programming

See All in Programming
tsgolintはいかにしてtypescript-goの非公開APIを呼び出しているのか
Avatar for syumai syumai
7
2.3k
WebRTC と Rust と 8K 60fps
Avatar for tnoho tnoho
2
2k
新卒エンジニアのプルリクエスト with AI駆動
Avatar for Yuta Fukunaga fukunaga2025
0
230
UIデザインに役立つ 2025年の最新CSS / The Latest CSS for UI Design 2025
Avatar for IKEDA Yasunobu clockmaker
18
7.6k
著者と進める!『AIと個人開発したくなったらまずCursorで要件定義だ!』
Avatar for yasuna yasunacoffee
0
150
AIコーディングエージェント(Gemini)
Avatar for kondai kondai24
0
240
令和最新版Android Studioで化石デバイス向けアプリを作る
Avatar for Sora Arakawa arkw
0
410
Navigating Dependency Injection with Metro
Avatar for HyunWoo Lee l2hyunwoo
1
120
AIコーディングエージェント(skywork)
Avatar for kondai kondai24
0
180
認証・認可の基本を学ぼう後編
Avatar for kaza kouyuume
0
240
TerraformとStrands AgentsでAmazon Bedrock AgentCoreのSSO認証付きエージェントを量産しよう!
Avatar for neruneruo neruneruo
2
490
Developing static sites with Ruby
Avatar for Masafumi Okura okuramasafumi
0
310

Featured

See All Featured
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
37
2.7k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
710
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
170
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
31
3k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
273
27k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
63
35k
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
100
More Than Pixels: Becoming A User Experience Designer
Avatar for Michelle Schulp Hunt marktimemedia
2
250
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
73
5k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.3k
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
1
200
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.8k

Transcript

  1. Яндекс

  2. Я HTTPS by default - no more clear text in

    the web! Taras Ivashchenko, Product security team, Y andex ндекс
  3. None

  4. Global HTTPS usage

  5. Why so slow?!

  6. None

  7. Forward Secrecy

  8. HTTPS only for the auth page is not enough!

  9. Really big project Not only web protocols Internal knowledge base

    and tools Trainings Deep tech things: TLS sessions, double certificate scheme All services moved to “HTTPS by default” mode Improved world around us ;-) At Y andex
  10. None

  11. Q&A

  12. Taras Ivashchenko Product security team Contacts [email protected]