diff options
| author | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:20 +0200 |
|---|---|---|
| committer | Rasmus Dahlberg <rasmus@rgdd.se> | 2024-10-15 15:35:45 +0200 |
| commit | 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb (patch) | |
| tree | 410ab71c78c99d35aecd46733958a5699cdf5204 /slides/2018-ct-intro/src/background.tex | |
| parent | 883a67439aff566962adafeb0385c6ae972073a3 (diff) | |
Rescue some slides from old private mono repos
Diffstat (limited to 'slides/2018-ct-intro/src/background.tex')
| -rw-r--r-- | slides/2018-ct-intro/src/background.tex | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/slides/2018-ct-intro/src/background.tex b/slides/2018-ct-intro/src/background.tex new file mode 100644 index 0000000..a61d205 --- /dev/null +++ b/slides/2018-ct-intro/src/background.tex @@ -0,0 +1,55 @@ +\begin{frame} + \frametitle{How is trust established on the web?} + \centering + \includegraphics<1>[height=0.85\textheight]{img/chrome-http} + \includegraphics<2>[height=0.85\textheight]{img/chrome-https} +\end{frame} + +\begin{frame} + \frametitle{What is the meaning of the padlock?} + \begin{columns} + \begin{column}{0.69\textwidth} + \begin{description} + \item[\tyes] Communication is encrypted + \item[\tyes] Communication is not tampered with + \item[\tyes] Server identity is verified + \end{description} + \end{column} + \begin{column}{0.29\textwidth} + \centering + \includegraphics[width=0.9\textwidth]{img/padlock} + \end{column} + \end{columns} +\end{frame} + +\begin{frame} + \frametitle{Server verification relies on certificate issuance} + \centering + \includegraphics[height=0.85\textheight]{img/chrome-cert} +\end{frame} + +\begin{frame} + \frametitle{Tracking certificate issuance is a mess} + \centering + \includegraphics[height=0.8\textheight,width=0.7\textwidth]{img/ca-mess} + \scriptsize{\url{https://www.eff.org/files/colour_map_of_cas.pdf}} +\end{frame} + +\begin{frame} + \frametitle{Certificate issuance gone wrong...} + \centering + \begin{tabular}{cc|l} + Year & Issuer & Mis-issued certificates affected e.g. \\ + \toprule + 2010 & Versign & Unkown \\ + 2011 & Comodo & Google, Mozilla, Yahoo \\ + 2011 & DigiNotar & Google\footnote{These certificates were used to attack $\approx100,000$ gmail users in Iran}, Skype, Tor... \\ + 2012 & Trustwave & Enterprise employees \\ + 2012 & T\"{u}rkTrust & Google \\ + 2013 & ANSSI & Google \\ + 2013 & Thawte & Google \\ + 2016 & Let's Encrypt & Facebook \\ + ... & ... & ... \\ + \end{tabular} +\end{frame} + |