We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

The Sorry State of SSL

Formal Metadata

Title
The Sorry State of SSL
Title of Series
Part Number
117
Number of Parts
119
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language
Production PlaceBerlin

Content Metadata

Subject Area
Genre
Abstract
Hynek - The Sorry State of SSL Those web pages with shiny lock icons boasting that your data is safe because of “256 bit encryption”? They are lying. In times of mass surveillance and commercialized Internet crime you should know why that’s the case. This talk will give you an overview that will help you to assess your personal security more realistically and to make your applications as secure as possible against all odds. ----- The rule of thumb for people without degrees in cryptography on securing data on the Internet is “GPG for data at rest. TLS for data in motion”. And it’s actually a very good rule everyone should follow. The only kicker though is that configuring (and using!) TLS properly is not as simple as it sounds and if you’re not diligent as a user, developer, and ops engineer, you can easily compromise your data’s security despite best effort of everyone else. This talk will be multifaceted; you will learn: - how SSL and TLS roughly work and why their state is sorry, - server- and client-side duties for best possible security, - what alternatives you have for using TLS in Python, - things to keep in mind when configuring servers, - and what perils outside your control still can trip you up. In other words, the leitmotif is to show you the most common traps you should know about when using and deploying applications relying on TLS for transport layer security and how to avoid them.
Keywords