Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
0
1k
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.3k
Come to the dark side
timnashcouk
0
66
Practical WordPress Security 2018
timnashcouk
0
390
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
980
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
為你自己學 Python - 冷知識篇
eddie
1
350
Testing Trophyは叫ばない
toms74209200
0
880
Navigation 2 を 3 に移行する(予定)ためにやったこと
yokomii
0
270
Namespace and Its Future
tagomoris
6
700
FindyにおけるTakumi活用と脆弱性管理のこれから
rvirus0817
0
520
@Environment(\.keyPath)那么好我不允许你们不知道! / atEnvironment keyPath is so good and you should know it!
lovee
0
120
print("Hello, World")
eddie
2
530
Design Foundational Data Engineering Observability
sucitw
3
200
Putting The Genie in the Bottle - A Crash Course on running LLMs on Android
iurysza
0
140
Oracle Database Technology Night 92 Database Connection control FAN-AC
oracle4engineer
PRO
1
450
AWS発のAIエディタKiroを使ってみた
iriikeita
1
190
意外と簡単!?フロントエンドでパスキー認証を実現する WebAuthn
teamlab
PRO
2
760
Featured
See All Featured
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
How STYLIGHT went responsive
nonsquared
100
5.8k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.7k
Facilitating Awesome Meetings
lara
55
6.5k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
Making Projects Easy
brettharned
117
6.4k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
36
2.5k
Fireside Chat
paigeccino
39
3.6k
Designing for humans not robots
tammielis
253
25k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
51
5.6k
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
eddie
toms74209200
yokomii
tagomoris
rvirus0817
lovee
sucitw
iurysza
oracle4engineer
iriikeita
teamlab
kastner
destraynor
nonsquared
mongodb
lara
jnunemaker
tanoku
brettharned
eileencodes
paigeccino
tammielis
reverentgeek
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}