Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SSLって必要ですか〜Let's Encryptを試してみよう
Search
sonson
May 15, 2016
Programming
3
510
SSLって必要ですか〜Let's Encryptを試してみよう
SSLの必要性,Let's Encryptのちょっとした使い方について概観する.
sonson
May 15, 2016
Tweet
Share
More Decks by sonson
See All by sonson
計算グラフのJITコンパイラをLLVM on C++で作ろう
sonsongithub
2
500
LLVMでHalideみたいな計算グラフ+JITを作りたい
sonsongithub
0
1.3k
LLVM Tutorial 02 - わいわいswiftc
sonsongithub
1
350
LLVM Tutorial - わいわいswiftc
sonsongithub
0
270
How to make and publish a Swift playground book for iPad
sonsongithub
5
19k
Swiftで実装するHTML特殊文字の高速処理
sonsongithub
3
7.5k
First step of 3D touch
sonsongithub
0
550
Getting started with 3D Touch
sonsongithub
0
630
Other Decks in Programming
See All in Programming
Advanced App Shrinking Techniques
cbeyls
2
150
スクラムマスターって孤独じゃないですか?
yoshitaroyoyo
1
140
Rubyのパフォーマンスプロファイリングの改善 / Enhancing performance profiling for Ruby
osyoyu
1
410
Findy - エンジニア向け会社紹介 / Findy Letter for Engineers
findyinc
2
81k
最近追加した型の紹介とその振り返り
aki19035vc
0
170
Polarsの成長: v0.14からv1.0までの変遷と今後の展望
zerebom
1
350
Architectures with Lightweight Stores: New Rules and Options
manfredsteyer
PRO
0
100
Microservices rules (July 2024) : what good looks like
cer
PRO
0
1.6k
Rustのweb開発を助ける 便利なツール紹介
yuki0418
1
190
Xcode 16のPreviewModifierと@Previewableを活用した効率的なプレビュー方法の考察
ojun9
2
160
CSC307 Lecture 09
javiergs
PRO
1
500
Prompt FlowによるLLMアプリケーション開発
yuto2000
1
1k
Featured
See All Featured
Building an army of robots
kneath
301
42k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
23
1.9k
Gamification - CAS2011
davidbonilla
78
4.9k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
90
47k
The Pragmatic Product Professional
lauravandoore
29
6.1k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
17
1.5k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
26
1.8k
Infographics Made Easy
chrislema
238
18k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
228
16k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
18
1.2k
GraphQLの誤解/rethinking-graphql
sonatard
59
9.6k
It's Worth the Effort
3n
181
27k
Transcript
͍ͬͯΔਓίʔυॻ͍͍ͯͯͩ͘͞ Tech. Yuichi Yoshida Researcher, DENSO IT Laboratory, Inc. #yidev
@sonson_twit © 2014 DENSO IT Laboratory, Inc., All rights reserved. Redistribution or public display not permitted without written permission from DENSO IT Laboratory, Inc. Let’s Encrypt~SSL~Autolayout
ࣗݾհ • sonson • twitter: sonson_twit • github: sonsongithub •
portfolio • reddift(SwiftͰॻ͍ͨreddit.comͷAPIϥούʔ) • ࣄ • ը૾ೝࣝ/ݕࡧ/ͦΕΛͬͨΞϓϦ • ػցֶशͷ͓ษڧͱ͔ॾʑͱ͔
ࠓͷ༰ • SSLͬͯඞཁͰ͔͢ʙLet’s Encrypt • AutolayoutΛ͍ͬͯΔ͕ɼԶ͏ݶք͔͠Εͳ͍
SSLͬͯඞཁͰ͔͢ʁ Let’s EncryptͰ͍͍ͷ͔ɼѱ͍ͷ͔
໔ ͜ͷൃද༰ɼ٢ా༔ҰͷݸਓతͳݟղͰ͋Γɼ ॴଐ͢ΔஂମͷެࣜతͳݟղͰ͋Γ·ͤΜɽ ·ͨຊൃද༰Λฉ͖ɼͦͷཧղʹج͍ͮͯͦͷຊਓ͕ ͱͬͨԿͳΔߦಈʹΑΔଛʹର͠ɼΛෛ͍·ͤΜɽ Ҏ্ͷ͜ͱΛཧղͰ͖ͳ͍ਓɼ͋Δ͍ड͚ೖΕΒΕͳ͍ਓ ຊൃදΛฉ͘͜ͱ͝ԕྀ͍ͩ͘͞ɽ
None
None
എܠ • iOS9Ҏ߱ɼATSಋೖ͞ΕΔ • σϑΥϧτͰͯ͢https௨৴ʹஔ͖͑ΒΕΔ • iOSͰSSLجຊཁ݅ʹͳΓͭͭ͋Δ • ࣗͰӡ༻͍ͯ͠ΔαʔόͷSSLରԠ •
sonson.jpɼgithub hostingҎ֎ͯ͢SSL • 2tchͷόοΫΤϯυ৽͍͠όʔδϣϯSSL • ͦΜͱ͖ʹ৭ʑษڧͨ͠ • ϝΠϯͷڵຯRSA҉߸ͷֶͩͬͨΜ͕ͩ
എܠ • ͖͔͚ͬ • LINE Bot API • LINE Bot
API • SSL௨৴ඞਢ • Let’s Encryptͩͱ͑ͳ͍ • AWS͔Β͑Δ • SSLͷূ໌ॻ • Կͷҧ͍͕͋Δͷʁ • ҰମɼԿͷͨΊʹඞཁͳͷʁ
SSLͷඞཁੑ • Wi-FiͷηΩϡϦςΟ • httpsͰͳ͍ͱةݥ • DNSͷηΩϡϦςΟ • ѱҙͷ͋ΔDNS •
ηΩϡΞͳDNS͕ͳ͔ͳ͔Ͱͯ͜ͳ͍ • httpͰDNS໊͚ͩͰ૬खΛ֬ೝ͢Δͷةݥ • DNSΫϥοΫʹΑΔͳΓ͢·͠
ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp
ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ ͏ͦͬ͜ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2
bank.co.jp %/4ͷਖ਼ੑΛ νΣοΫ͢Δज़͕ͳ͍
҉߸௨৴ͷ3ཁ݅ • ൿಗ • ୭ʹ౪ΈݟΒΕͳ͍ • શੑ • ୭ʹվ᜵͞Εͳ͍ •
ೝূ • ୭ʹͳΓ͢·͞Εͳ͍
ࠓͷٕज़ͷݶք • ൿಗ • ૉҼղ͕࣮࣌ؒͰղ͔Εͳ͍ݶΓ҆શ • શੑ • SHAͳͲͰ֬อͰ͖Δ •
ೝূ • ࠓͷͱ͜Ζٕज़తʹղܾͰ͖͍ͯͳ͍
ൿಗ • ެ։伴҉߸ํࣜ • RSA҉߸ • కΊΔ伴ɼ։͚Δ伴͕ҟͳΔ҉߸ํࣜ • 伴ͷૹΛղܾͨ͠ʢ͍ͯ͠ΔʣͱݴΘΕΔ •
ར༻͢Δֶ • ૉҼղ͕࣮࣌ؒͰܭࢉͰ͖ͳ͍ • ࢄର࣮࣌ؒͰܭࢉͰ͖ͳ͍
શੑ • MD5, SHA • ͋ΔσʔλͷϋογϡΛ࡞Δ • MD5ͱαΠζͷখ͍͞SHAةݥ • ϋογϡͷੑ࣭
• σʔλΛೖΕΔͱϋογϡ͕ಘΒΕΔ • ೖྗ͕গ͠ͰมΘΔͱϋογϡେ͖͘มΘΔ • σʔλΛվ᜵ͨ݁͠ՌʹରԠ͢ΔϋογϡΛ༧ଌ ͢Δ͜ͱ͍͠ • →ͭ·ΓϋογϡΛ֬ೝ͢Δͱվ᜵͞Ε͍ͯͳ͍ ͔Λ֬ೝͰ͖Δ
ೝূ • ղܾ͢ΔֶతͳΈະͩʹͳ͍
ൿಗͱશੑΛୡͯ͠ ૹ৴ऀ ड৴ऀ ҉߸Խσʔλ ൿಗ ҉߸Խ શੑ վ᜵ෆՄ ड͚औΔ૬ख͕ ୭ͳͷ͔Θ͔Βͳ͍
߈ܸऀ
߈ܸྫ: man in the middle attack(MTM) ૹ৴ऀ தؒऀ ҉߸Խσʔλ ҉߸Խ
վ᜵ෆՄ ۜߦ ҉߸Խσʔλ ೝূͷΈ͕ͳ͍ͱɼ୭ͱ௨৴͍ͯ͠Δ͔ͷ อূ͕ಘΒΕͳ͍
ݱঢ়ͷରࡦʔSSLೝূہ • ೝূہ - Certificate Authority(CA)
ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp
ೝূہ ূ໌ॻ ͦΕۜߦͷ ূ໌ॻͰ͢
ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2 bank.co.jp
ೝূہ ূ໌ॻ ͦΕͩΕʁ
OSXʹσϑΥϧτͰೖΔূ໌ॻ
ΦϨΦϨূ໌͕μϝͳཧ༝ • man in the middle attack(MTM)ͷ㕒৯ • ͱ͍͑ɼMTM͘Β͍͍ͬͯͬͯݴ͏ͳΒɼผ ʹΦϨΦϨূ໌ॻͰΑ͍ͱ͍͏͜ͱ
• ΦϨΦϨূ໌ॻͰ͋ͬͯɼͦͷ૬खͱͷ௨৴ͷൿ ಗɼશੑอͨΕΔ
ͳͥೝূ͕͍͠ͷ͔ • ʮ৴͡Δʯͱ͍͏͜ͱͷఆ͕ٛᐆດ͔ͩΒ
ೝূہͷ৴༻ੑ https://www.jp.websecurity.symantec.com/repository/faq/class.html ৴༻ੑຊͷࣾձతͳ৴༻ੑΛಘΔͷͱ ಉ͡ΈͰߏங͍ͯ͠Δ
SSLূ໌ॻʹ͍ͭͯ • ೝূͷͨΊͷΈ • ҉߸Խͱ͔ɼࠜຊతʹؔͳ͍ • ࣮ࡍͷΈ্͋Δ͕ • ͏·͘ղܾ͢Δֶ/ֶతͳΈ͕ະͩͳ͍ •
ೝূہɾূ໌ॻͷΫϥε • ೝূʹ͕͔͔ۚΔ • Let’s EncryptStartSSLʹ৴པੑ͕Γͳ͍ • VerisignͳͲͷCLASS3৴པੑ͕ߴ͍ˠՁ֨ߴ͍
Let’s Encrypt • ແྉͷSSLূ໌ॻ • ϝʔϧΞυϨεͷΈͷূ໌ • ࣗಈߋ৽ͷͨΊͷεΫϦϓτ͞Ε͍ͯΔ • https://github.com/certbot/certbot
• ߋ৽ͷͨΊͷπʔϧ͕ͪΐͬͱલʹ͔Θͬͨ
Έ • certbot͕Let’s Encryptͱ௨৴ͯ͠ূ໌ॻΛൃߦ • apacheͱnginx • ࣗಈͰূ໌ॻͷΠϯετʔϧ·ͰΔΒ͍͠ • ಈ͔ͳ͍ͬͯBBSʹ͔͋ͬͨΒͬͯͳ͍
• webroot • ಛఆͷύεΛҰ࣌తʹ͏ • letsencryptͷύεʹূ໌ॻ͕ίϐʔ͞ΕΔ • standalone • ಛఆͷϙʔτͰμΠϨΫτʹ௨৴͢ΔʢΒ͍͠ʣ • 80ͱ͔͏ͷͰҰ࣌తʹαʔόΛด͡Δඞཁ͕͋Δ • manual • ڵຯͳ͍ͷͰݟͯͳ͍
͜Μ͚ͩͰΑ͍ ./letsencrypt-auto certonly --webroot \\ -w /var/www/example/ \\ -d www.example.com
ใ • ༗ޮظݶ • 90 • Let’s EncryptӡӦ60Ͱߋ৽͢Δ͜ͱΛਪ • ੍ݶ
• ͻͱͭͷIP͔ΒൃߦͰ͖ΔυϝΠϯ • ͻͱͭͷIP͔ΒൃߦͰ͖Δূ໌ॻͷ • ੍ݶ̓͘Β͍Ͱղআ͞ΕΔ • ೝূہͱͯ͠ • iOS/Windows/OSXʹ৴༻͞Ε͍ͯΔ • ΫϥΠΞϯτʹΑͬͯ৴༻͍ͯ͠ͳ͍ͷͰཁҙ
ࢀߟจݙ • ҉߸શൠ • ݁ߒ, ҉߸ٕज़ೖ • RSA҉߸/ૉपΓ • ϚʔΧεɾσϡɾιʔτΠ,ૉͷԻָ
• ʴͦͷลͷେֶͷઌੜͷαΠτͳͲ
AutolayoutΛ͍ͬͯΔ͕ Զ͏ݶք͔͠Εͳ͍ GUIͷݶք
ݱࡏ࡞ͬͯΔΞϓϦΛྫʹ
Ϗϡʔͷ༁͜Μͳײ͡
Έͳ͞ΜɼͲ͏͍ͬͯͬͯ·͔͢ʁ • Storyboard • Storyboard + xib • ίʔυ
Storyboard ͜ΜͳෳࡶͳϏϡʔΛGUI͔Β ࡞Δͱ͔ෆՄೳ 9999 +1001 3h sonson_twit imgur.com 11 images
Just installed iOS 9.3 Beta without a developer account (iPhone 6S Plus), 3D Touch animation lag gone! Search Sketch 9:41 AM 100%
Storyboard + xib ҙຯෆ໌ த͕Θ͔Βͳ͍
ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ
ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ Θ͚ͳ͍
͜͜Ͱɼ͍ٞͨ͠ • AutolayoutɼࠓޙͲ͏͠·͔͢ʁ • Storyboard • Storyboard + xib •
ίʔυ • Ή͠ΖɼAutolayoutΘͳ͍ • έʔε • ҰਓͰझຯͰॻ͘߹ • ਓͷίʔσΟϯάɼنখ͍͞ • ҙঊ/UI/UXͷσβΠφ͍Δنͷେ͖͍
None
·ͱΊ • SSLʹ͍ͭͯͷ෮श • ऍᷟʹઆ๏Ͱ͢Έ·ͤΜ • ৴༻ʹ͓͕͔͔ۚΓ·͢ • SSL͕ԿͷͨΊʹඞཁ͔ɼৗʹߟ͑·͠ΐ͏ •
Let’s Encryptͷ͍ํʹ͍ͭͯ • Autolayout • ٧Μͩ