SkillsCast

The Best TLS Training in the World

13th December 2017 in London at CodeNode

This SkillsCast was filmed at The Best TLS Training in the World

This session was not filmed.

Course Outline

  1. Introduction

    1. The need for network encryption
    2. Understanding encrypted communication
    3. The role of public key infrastructure (PKI)
    4. SSL/TLS and Internet PKI threat model

  2. Keys and certificates

    1. RSA and ECDSA: selecting the right key algorithm and size
    2. Certificate hostnames and lifetime
    3. Practical work:
      1. Private key generation
      2. Certificate Signing Request (CSR) generation
      3. Self-signed certificates
      4. Obtaining valid certificates from Let’s Encrypt
    4. Sidebar: Revocation
    5. Sidebar: Performance considerations

  3. Protocols and cipher suites

    1. Protocol security
    2. Key exchange strength
    3. Forward security
    4. Cipher suite configuration
    5. Practical work
      1. Secure web server configuration
      2. Server testing using SSL Labs
    6. Sidebar: Server Name Indication (SNI)
    7. Sidebar: Performance considerations

  4. HTTPS topics

    1. Man-in-the-middle attacks
    2. Mixed content
    3. Cookie security
    4. CRIME: Information leakage via compression
    5. HTTP Strict Transport Security
    6. Content Security Policy
    7. HTTP Public Key Pinning
    8. Practical work:
      1. Deploying HSTS to deploy robust encryption
      2. Deploying CSP to deal with mixed content

  5. Putting it all together: Getting an A+ in SSL Labs

We will also provide you with many additional exercises that you can work on in your own time. You'll be able to ask us for help via email. And if you're already familiar with the basics, we'll challenge you with some of the advanced exercises on the day.

Scott Helme

Scott Helme is a security researcher, consultant and international speaker. He can often be found talking about web security and performance online and helping organisations better deploy both.
