let’s encrypt - world wide web consortium · let’s encrypt olivier yiptong...
TRANSCRIPT
![Page 2: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/2.jpg)
PRIVACY MATTERS
![Page 3: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/3.jpg)
PRIVACY MATTERS: HTTPS
• Confidentiality
• Data Integrity
• Authentication
![Page 4: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/4.jpg)
NO PRIVACY: HTTP
• Public-only communication
• (Possibly?) Tampered messages
• Of dubious origin
![Page 5: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/5.jpg)
PUBLIC COMMUNICATIONS
![Page 6: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/6.jpg)
PUBLIC COMMUNICATIONS
• Firesheep
![Page 7: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/7.jpg)
PUBLIC COMMUNICATIONS
• Firesheep
![Page 8: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/8.jpg)
PUBLIC COMMUNICATIONS
• Firesheep
• AT&T
![Page 9: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/9.jpg)
TAMPERING
![Page 10: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/10.jpg)
TAMPERING
• Verizon Perma-Cookies
![Page 11: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/11.jpg)
TAMPERING
• Verizon Perma-Cookies
![Page 12: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/12.jpg)
TAMPERING
• Verizon Perma-Cookies
• Comcast ad injection
![Page 13: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/13.jpg)
TAMPERING
• Verizon Perma-Cookies
• Comcast ad injection
• China - GitHub
![Page 14: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/14.jpg)
OF DUBIOUS ORIGIN
![Page 15: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/15.jpg)
• Turk Telecom
OF DUBIOUS ORIGIN
![Page 16: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/16.jpg)
• Turk Telecom
• China Netcom
OF DUBIOUS ORIGIN
![Page 17: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/17.jpg)
• Turk Telecom
• China Netcom
• AT&T
OF DUBIOUS ORIGIN
![Page 18: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/18.jpg)
PRIVACY MATTERS: HTTPS
• Encryption (Private communication)
• Data Integrity (Certainly untampered)
• Authentication (Certain of origin)
![Page 19: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/19.jpg)
HTTPS FOR YOU
• Remove industrial espionage vector
• No customer hijacking
• No impersonation
![Page 20: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/20.jpg)
HTTP DEPRECATION
• Firefox: non-secure website won’t have access to new features
• Chrome: display websites over HTTP as non-secure
![Page 21: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/21.jpg)
UPCOMING FUNCTIONALITY
• HTTP/2 (TLS-only on Firefox, Chrome and IE)
- bandwidth + latency gains
• Advanced Caching (ServiceWorkers)
![Page 22: LET’S ENCRYPT - World Wide Web Consortium · LET’S ENCRYPT Olivier Yiptong oyiptong@mozilla.com. PRIVACY MATTERS. PRIVACY MATTERS: HTTPS](https://reader034.vdocuments.us/reader034/viewer/2022042320/5f09af6e7e708231d4280605/html5/thumbnails/22.jpg)
POSSIBLE UPGRADE PATH
• Referrer Policyhttp://www.w3.org/TR/referrer-policy
• Upgrade Insecure Requestshttp://www.w3.org/TR/upgrade-insecure-requests/