HTTPS by default - no more clear

HTTPS by default - no more clear

Phdays 2017

5b723186bd1e23af569bd623f193a2b9?s=128

oxdef

May 23, 2017
Tweet

Transcript

  1. Яндекс

  2. Я HTTPS by default - no more clear text in

    the web! Taras Ivashchenko, Product security team, Y andex ндекс
  3. None
  4. Global HTTPS usage

  5. Why so slow?!

  6. None
  7. Forward Secrecy

  8. HTTPS only for the auth page is not enough!

  9. Really big project Not only web protocols Internal knowledge base

    and tools Trainings Deep tech things: TLS sessions, double certificate scheme All services moved to “HTTPS by default” mode Improved world around us ;-) At Y andex
  10. None
  11. Q&A

  12. Taras Ivashchenko Product security team Contacts oxdef@yandex-team.ru