let’s encrypt - world wide web consortium · 2015-09-17 · let’s encrypt olivier yiptong...
TRANSCRIPT
PRIVACY MATTERS
PRIVACY MATTERS: HTTPS
• Confidentiality
• Data Integrity
• Authentication
NO PRIVACY: HTTP
• Public-only communication
• (Possibly?) Tampered messages
• Of dubious origin
PUBLIC COMMUNICATIONS
• Firesheep
• AT&T
TAMPERING
• Verizon Perma-Cookies
• Comcast ad injection
• China - GitHub
OF DUBIOUS ORIGIN
• Turk Telecom
• China Netcom
• AT&T
PRIVACY MATTERS: HTTPS
• Encryption (Private communication)
• Data Integrity (Certainly untampered)
• Authentication (Certain of origin)
HTTPS FOR YOU
• Remove industrial espionage vector
• No customer hijacking
• No impersonation
HTTP DEPRECATION
• Firefox: non-secure websites won’t have access to new features
• Chrome: display websites over HTTP as non-secure
UPCOMING FUNCTIONALITY
• HTTP/2 (TLS-only on Firefox, Chrome and IE)
- bandwidth + latency gains
• Advanced Caching (ServiceWorkers)
POSSIBLE UPGRADE PATH
• Referrer Policy: http://www.w3.org/TR/referrer-policy
• Upgrade Insecure Requests: http://www.w3.org/TR/upgrade-insecure-requests/