Completed
Operational Security
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Protecting Firefox Data with Content Signatures
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Updating Firefox Updates
- 3 Updates Security
- 4 Serving data through web APIs Industry best practice: HTTPS and trust the backend. That has two problems
- 5 HTTPS Interception . 4% of Firefox Updates are being intercepted
- 6 Compromise of web API
- 7 Internal Firefox PKI
- 8 Delivering Content Signatures
- 9 Verifying Content Signatures
- 10 Operational Security
- 11 Some interesting problems
- 12 Checking certificate validity . Signature verification fails when client clock
- 13 Measuring validation failures . Firefox drops the data when the signature does not validate
- 14 Emergency revocations
- 15 Implementation complexity
