Explore the complexities of managing TLS/SSL certificates and endpoints in this 33-minute LASCON conference talk from 2015. Delve into the challenges of keeping up with emerging vulnerabilities, expired certificates, and evolving cipher and hashing algorithms. Learn about the impact of server misconfigurations, unpatched systems, and flawed implementations on security. Discover steps and tools for managing and automating updates to TLS/SSL endpoints, including OpenSSL, TestSSL, and TLS Manager. Examine real-life scenarios such as Google's move away from OpenSSL, the introduction of Let's Encrypt, and the deprecation of SHA-1. Gain insights into encryption suites, the Diffie-Hellman apocalypse, and the OpenStack Security Project. Equip yourself with knowledge to navigate the constantly changing landscape of TLS/SSL security and maintain robust, up-to-date systems.
Overview
Syllabus
Intro
Poodles
Eelliptic Curve
OpenSSL
Configuration
TLS
Vulnerabilities
Export Encryption
OpenSSL S
TestSSL
CertsSSL
Cypher List
TLS Manager
GitHub
Real Life
Google Ditches Openssl
Lets Encrypt
SHA1 is broken
Diffie Hellman apocalypse
Closing thoughts
QA
Encryption Suites
OpenStack Security Project
Taught by
LASCON
