Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Tim Nash
January 01, 2017
Programming
1k
0
Share
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.4k
Come to the dark side
timnashcouk
0
77
Practical WordPress Security 2018
timnashcouk
0
430
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
990
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
「AIで開発し、AIを届ける」をEvalでつなぐ 〜AIネイティブに始めるプロダクト開発の実践〜 / Connecting "Develop with AI, deliver AI" with Eval
rkaga
4
2.2k
脅威をエンジニアリングの糧にして――現場編 / Turning Threats into Engineering Fuel — Field Edition
nrslib
0
250
Spec-Driven Development with AI-Agents: From High-Level Requirements to Working Software
antonarhipov
2
440
Copilot CLI の継戦能力を高める コンテキスト管理
nozomutu
1
1.2k
IBM Bobを活用したレガシーアプリの最新化
oniak3ibm
PRO
1
170
Webフレームワークの ベンチマークについて
yusukebe
0
110
TypeScript+Orvalで実現する型安全かつ堅牢でスケーラブルなマルチチャネル通知基盤 / TSKaigi Night talks ~after conference~
d0riven
0
270
AI時代の仕事技芸論 — ソフトウェア開発で「遊ぶように働く」職人的熟達のすすめ
kuranuki
1
610
JavaDoc 再入門
nagise
0
280
GitHub Copilot CLIのいいところ
htkym
2
1.3k
プラグインで拡張される Context をtype-safe にする難しさと設計判断
kazupon
2
580
並列実装の現場、2ヶ月間実務でAIを使い倒したAIもPCも私も限界が近い
ming_ayami
0
110
Featured
See All Featured
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
520
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
WENDY [Excerpt]
tessaabrams
11
38k
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.3k
Site-Speed That Sticks
csswizardry
13
1.2k
Navigating Weather and Climate Data
rabernat
0
210
BBQ
matthewcrist
89
10k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
Building a Modern Day E-commerce SEO Strategy
aleyda
45
9.1k
Are puppies a ranking factor?
jonoalderson
1
3.5k
Testing 201, or: Great Expectations
jmmastey
46
8.2k
ラッコキーワード サービス紹介資料
rakko
1
3.5M
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
rkaga
nrslib
antonarhipov
nozomutu
oniak3ibm
yusukebe
d0riven
kuranuki
nagise
htkym
kazupon
ming_ayami
marktimemedia
caitiem20
tessaabrams
aleyda
csswizardry
rabernat
matthewcrist
sstephenson
jonoalderson
jmmastey
rakko
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}