Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
http httpsの違いについて
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
adachi.ryo
November 21, 2014
Programming
0
190
http httpsの違いについて
adachi.ryo
November 21, 2014
Tweet
Share
More Decks by adachi.ryo
See All by adachi.ryo
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
rvirus0817
1
1.2k
Findy Team+のSOC2取得までの道のり
rvirus0817
0
2.1k
FindyにおけるTakumi活用と脆弱性管理のこれから
rvirus0817
0
2.6k
技術的負債で信頼性が限界だったWordPress運用をShifterで完全復活させた話
rvirus0817
1
5.1k
Amazon Security Lakeを活用したセキュリティログの集約とAIによる可視化の最前線
rvirus0817
0
290
TechBull Membersの開発進捗どうですか!?
rvirus0817
0
1.7k
クラウド脆弱性の傾向とShisho Cloudの活用
rvirus0817
0
260
TechBullエンジニアコミュニティの取り組みについて
rvirus0817
0
1.2k
横断SREの立ち上げと、AWSセキュリティへの取り組みの軌跡
rvirus0817
3
15k
Other Decks in Programming
See All in Programming
Apache Iceberg V3 and migration to V3
tomtanaka
0
150
Kotlin Multiplatform Meetup - Compose Multiplatform 외부 의존성 아키텍처 설계부터 운영까지
wisemuji
0
190
React 19でつくる「気持ちいいUI」- 楽観的UIのすすめ
himorishige
11
5.9k
AIエージェント、”どう作るか”で差は出るか? / AI Agents: Does the "How" Make a Difference?
rkaga
4
2k
20260127_試行錯誤の結晶を1冊に。著者が解説 先輩データサイエンティストからの指南書 / author's_commentary_ds_instructions_guide
nash_efp
0
910
AWS re:Invent 2025参加 直前 Seattle-Tacoma Airport(SEA)におけるハードウェア紛失インシデントLT
tetutetu214
2
100
Patterns of Patterns
denyspoltorak
0
1.4k
Honoを使ったリモートMCPサーバでAIツールとの連携を加速させる!
tosuri13
1
170
Implementation Patterns
denyspoltorak
0
280
ThorVG Viewer In VS Code
nors
0
760
責任感のあるCloudWatchアラームを設計しよう
akihisaikeda
3
160
登壇資料を作る時に意識していること #登壇資料_findy
konifar
4
960
Featured
See All Featured
From π to Pie charts
rasagy
0
120
Thoughts on Productivity
jonyablonski
74
5k
RailsConf 2023
tenderlove
30
1.3k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
130
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
Navigating Team Friction
lara
192
16k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
What Being in a Rock Band Can Teach Us About Real World SEO
427marketing
0
170
Game over? The fight for quality and originality in the time of robots
wayneb77
1
110
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
WCS-LA-2024
lcolladotor
0
450
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
0
250
Transcript
http httpsͷҧ͍ʹ͍ͭͯ גࣜձࣾωοτΞγετ ҆ୡ ྋ
ΞδΣϯμ • SSLͱ • SSLͷྺ࢙ • SSL҉߸Խ௨৴ͷྲྀΕ/ূ໌ॻͷ࡞Γํ • OSIࢀরϞσϧʹ͓͚ΔSSLϓϩτίϧ •
OSIࢀরϞσϧͱ • OpenSSL֓ཁ • httpɺhttps֓ཁɺΈ • ·ͱΊ
SSLͱ • SSL/https (Secure Sockets Layer) • σʔλΛ҉߸Խ • ݸਓใΫϨδοτΧʔυใͳͲΛ҉
߸Խɹ • σʔλվ͟ΜͳΓ͢·͠Λ͛Δ • 2017͔ΒશͯͷαΠτඞਢ 3
SSLͷྺ࢙ • SSL 1.0→࠷ॳͷόʔδϣϯɺେ͖ͳ੬ऑੑ • SSL 2.0→1994ൃද • SSL 3.0→1995ൃදɺ201410݄ʹେ͖ͳ੬ऑੑ
• TLS 1.0→1996IETFͷTLSϫʔΩϯάάϧʔϓRFC 2246ͱ ͯ͠TLS1.0Λެද • TLS 1.1→2006ʹRFC 4346ͱͯ͠TLS 1.1੍͕ఆ • TLS 1.2→20088݄ʹRFC 5246ͱͯ͠TLS 1.2੍͕ఆ • TLS 1.3→(ߘʣ201410݄ʹ੍ఆ 4
SSL҉߸Խ௨৴ͷྲྀΕ 5
SSLαʔόূ໌ॻͷ࡞Γํ part1 6
SSLαʔόূ໌ॻͷ࡞Γํ part2 7
OSIࢀরϞσϧʹ͓͚ΔSSLϓϩτίϧ 8
OSIࢀরϞσϧͱ 9
Open SSLͱ • The Open Source toolkit for SSL/TLSͷུɻ •
ιϑτΣΞ • 伴ͷੜɺূ໌ॻͷൃߦͱཧ • ੬ऑੑ͕ग़ͨ߹ɺΞοϓσʔτ 10
http httpsͱ • ʮhttpʯʮHyperText Transfer Protocolʯͷུ Σϒαʔόʔͱωοτܦ༝ͰςΩετը૾ɺಈըͳͲ֤ छใΛަ͢ΔͨΊͷ௨৴ϧʔϧ • ʮhttpsʯʮHTTP
over SSL/TLSʯͷུ ΓऔΓ్͕தͰ౪ௌ͞Εͳ͍Α͏ʹσʔλΛ҉߸Խͨ͠ Γɺ௨৴૬खΛূ໌ͯ҆͠શʹ௨৴͢ΔͨΊʹΘΕΔ
httpͷྺ࢙ • ςΟϜɾόʔφʔζʹϦʔ • ϩόʔτɾΧΠϦϡʔ • 1990 • ॳͷWebϒϥβͱWebαʔό 12
http/httpsΈ 13
https༻ྫ • 伴ΞΠίϯΛԡ͢ͱೝূͷใ͕ग़Δ 14
20164݄ • Let's Encrypt • TLSͷX.509ূ໌ॻͷൃߦΛແྉͰൃߦ →ެ։伴ূ໌ॻͷඪ४ܗࣜূ໌ॻύεݕ ূΞϧΰϦζϜͳͲ • ߴηΩϡΞͳূ໌ॻ
• 2018͔ΒϫΠϧυΧʔυ 15
·ͱΊ • ϝϦοτ →҆શੑͷڧԽ • σϝϦοτ →අ༻͕͔͔Δ→ࠓແྉ →௨৴ྔ͕ଟ͘ͳΔ→͍ 16
rvirus0817
tomtanaka
wisemuji
himorishige
rkaga
nash_efp
tetutetu214
denyspoltorak
tosuri13
nors
akihisaikeda
konifar
rasagy
jonyablonski
tenderlove
techseoconnect
eileencodes
lara
cassininazir
427marketing
wayneb77
jeffersonlam
lcolladotor
reverentgeek
