From 76bae02bcd7d6b3ec9eea428e5e95da184a8dbfb Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rasmus@rgdd.se>
Date: Tue, 15 Oct 2024 15:35:20 +0200
Subject: Rescue some slides from old private mono repos

---
 slides/2018-ct-intro/src/background.tex | 55 +++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 slides/2018-ct-intro/src/background.tex

(limited to 'slides/2018-ct-intro/src/background.tex')

diff --git a/slides/2018-ct-intro/src/background.tex b/slides/2018-ct-intro/src/background.tex
new file mode 100644
index 0000000..a61d205
--- /dev/null
+++ b/slides/2018-ct-intro/src/background.tex
@@ -0,0 +1,55 @@
+\begin{frame}
+  \frametitle{How is trust established on the web?}
+  \centering
+  \includegraphics<1>[height=0.85\textheight]{img/chrome-http}
+  \includegraphics<2>[height=0.85\textheight]{img/chrome-https}
+\end{frame}
+
+\begin{frame}
+  \frametitle{What is the meaning of the padlock?}
+  \begin{columns}
+    \begin{column}{0.69\textwidth}
+      \begin{description}
+        \item[\tyes] Communication is encrypted
+        \item[\tyes] Communication is not tampered with
+        \item[\tyes] Server identity is verified
+      \end{description}
+    \end{column}
+    \begin{column}{0.29\textwidth}
+      \centering
+      \includegraphics[width=0.9\textwidth]{img/padlock}
+    \end{column}
+  \end{columns}
+\end{frame}
+
+\begin{frame}
+  \frametitle{Server verification relies on certificate issuance}
+  \centering
+  \includegraphics[height=0.85\textheight]{img/chrome-cert}
+\end{frame}
+
+\begin{frame}
+  \frametitle{Tracking certificate issuance is a mess}
+  \centering
+  \includegraphics[height=0.8\textheight,width=0.7\textwidth]{img/ca-mess}
+  \scriptsize{\url{https://www.eff.org/files/colour_map_of_cas.pdf}}
+\end{frame}
+
+\begin{frame}
+  \frametitle{Certificate issuance gone wrong...}
+  \centering
+  \begin{tabular}{cc|l}
+    Year  & Issuer & Mis-issued certificates affected e.g. \\
+    \toprule
+    2010 & Versign        & Unkown \\
+    2011 & Comodo         & Google, Mozilla, Yahoo \\
+    2011 & DigiNotar      & Google\footnote{These certificates were used to attack $\approx100,000$ gmail users in Iran}, Skype, Tor... \\
+    2012 & Trustwave      & Enterprise employees \\
+    2012 & T\"{u}rkTrust  & Google \\
+    2013 & ANSSI          & Google \\
+    2013 & Thawte         & Google \\
+    2016 & Let's Encrypt  & Facebook \\
+    ...  &  ...           & ... \\
+  \end{tabular}
+\end{frame}
+
-- 
cgit v1.2.3