HTTPS and You
Tim Nash
January 01, 2017
Brief Lightning talk on TLS
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Sends key info signed with server's key Sends Client Certificate Client ‘finished’ Server ‘finished’
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
If it loads over HTTP it needs to load over HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
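A check for the mixed-content pitfall above, as an added example that is not part of the talk: it scans a rendered page for subresources still hard-coded to `http://`, the ones a search-and-replace missed. The tag list, the `scan` helper and the sample markup are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# (tag, attribute) -> kind of insecure load. <a href> is deliberately absent:
# a plain link to an http:// page is navigation, not mixed content.
LOADS = {
    ("script", "src"): "active", ("iframe", "src"): "active",
    ("link", "href"): "active",
    ("img", "src"): "passive", ("audio", "src"): "passive",
    ("video", "src"): "passive", ("source", "src"): "passive",
    ("form", "action"): "form",
}

class MixedContentScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, tag, url, line number)

    def handle_starttag(self, tag, attrs):
        rel = (dict(attrs).get("rel") or "").lower()
        for name, value in attrs:
            kind = LOADS.get((tag, name))
            if kind is None or not value:
                continue
            if tag == "link" and "stylesheet" not in rel:
                continue  # simplification: only stylesheet links are checked
            # https:// and protocol-relative // URLs are fine on an HTTPS page
            if value.strip().lower().startswith("http://"):
                self.findings.append((kind, tag, value.strip(), self.getpos()[0]))

def scan(html):
    scanner = MixedContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page, not taken from a real site.
SAMPLE = """<html><head>
<link rel="stylesheet" href="http://example.com/wp-content/themes/x/style.css">
<link rel="canonical" href="http://example.com/">
<script src="https://cdn.example.net/analytics.js"></script>
<script src="http://cdn.example.net/form-widget.js"></script>
</head><body>
<a href="http://example.org/">a plain link</a>
<img src="http://example.com/wp-content/uploads/logo.png">
<img src="//example.com/wp-content/uploads/ok.png">
<form action="http://example.com/contact"></form>
</body></html>"""

if __name__ == "__main__":
    for kind, tag, url, line in scan(SAMPLE):
        print(f"line {line}: {kind} mixed content in <{tag}>: {url}")
```

Browsers block the "active" loads outright on an HTTPS page, so those are the ones to fix first.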
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com