Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥

HTTPS by default - no more clear

Avatar for oxdef oxdef
May 23, 2017
Programming
0
34

HTTPS by default - no more clear

Phdays 2017

Avatar for oxdef

oxdef

May 23, 2017
Tweet

More Decks by oxdef

See All by oxdef
How to improve software security with OWASP open source initiatives
Avatar for oxdef oxdef
0
230
Keynote at ZeroNights X (2021)
Avatar for oxdef oxdef
0
190
Security Culture: Here be Hackers
Avatar for oxdef oxdef
0
540
OWASP Top 10 - 2017 What’s inside?
Avatar for oxdef oxdef
0
620
И разработчик станет хакером!
Avatar for oxdef oxdef
0
54
Implementing Content Security Policy at a Large Scale
Avatar for oxdef oxdef
0
640
Security in developer’s life: knowledge is power
Avatar for oxdef oxdef
0
380
Web Application Security: future standards and technologies
Avatar for oxdef oxdef
0
400
Content Security Policy - the panacea for XSS or placebo?
Avatar for oxdef oxdef
0
420

Other Decks in Programming

See All in Programming
Vibe codingでおすすめの言語と開発手法
Avatar for uyuki uyuki234
0
110
[AtCoder Conference 2025] LLMを使った業務AHCの上⼿な解き⽅
Avatar for terry-u16 terryu16
6
720
ゆくKotlin くるRust
Avatar for TATSUNO Yasuhiro exoego
1
160
Full-Cycle Reactivity in Angular: SignalStore mit Signal Forms und Resources
Avatar for Manfred Steyer manfredsteyer
PRO
0
170
AIコーディングエージェント(skywork)
Avatar for kondai kondai24
0
200
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
Avatar for MomokoShirakawa momok47
0
120
Developing static sites with Ruby
Avatar for Masafumi Okura okuramasafumi
0
320
AI 駆動開発ライフサイクル(AI-DLC):ソフトウェアエンジニアリングの再構築 / AI-DLC Introduction
Avatar for kanamsasa kanamasa
11
3.8k
tsgolintはいかにしてtypescript-goの非公開APIを呼び出しているのか
Avatar for syumai syumai
7
2.3k
Go コードベースの構成と AI コンテキスト定義
Avatar for ANDPAD inc andpad
0
140
クラウドに依存しないS3を使った開発術
Avatar for しめさば simesaba80
0
160
tparseでgo testの出力を見やすくする
Avatar for utagawa kiki utgwkk
2
280

Featured

See All Featured
16th Malabo Montpellier Forum Presentation
Avatar for AKADEMIYA2063 akademiya2063
PRO
0
29
AI Search:
Where Are We & What Can We Do About It?
Avatar for Aleyda Solis aleyda
0
6.7k
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
0
170
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
84
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
Avatar for UX Y'all uxyall
0
110
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
Avatar for Yuki Nakata chikuwait chikuwait
0
230
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
0
250
The Language of Interfaces
Avatar for Des Traynor destraynor
162
25k
Statistics for Hackers
Avatar for Jake VanderPlas jakevdp
799
230k
Utilizing Notion as your number one productivity tool
Avatar for Mfonobong Umondia mfonobong
2
190
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k

Transcript

  1. Яндекс

  2. Я HTTPS by default - no more clear text in

    the web! Taras Ivashchenko, Product security team, Y andex ндекс
  3. None

  4. Global HTTPS usage

  5. Why so slow?!

  6. None

  7. Forward Secrecy

  8. HTTPS only for the auth page is not enough!

  9. Really big project Not only web protocols Internal knowledge base

    and tools Trainings Deep tech things: TLS sessions, double certificate scheme All services moved to “HTTPS by default” mode Improved world around us ;-) At Y andex
  10. None

  11. Q&A

  12. Taras Ivashchenko Product security team Contacts [email protected]