Rootconf Pune edition

On security, network engineering and distributed systems

Lets talk about TLS 1.3

Submitted by Huzaifa Sidhpurwala (@huzaifas) on Mar 10, 2019

Section: Full talk Technical level: Intermediate Section: Full talk (40 mins) Category: Security Status: Confirmed & Scheduled

Abstract

SSL/TLS is probably the most widely used security protocol on the internet. Since heartbleed was discovered a few years back, this protocol has been constantly audited and evaluated by security researchers around the world. TLS 1.3 is the latest version of the protcol designed from ground up to be more secure than its previous versions. This talk discusses new features and security improvements in TLS 1.3.

Outline

We will talk about what SSL/TLS is, why it is important for the internet. Then take a brief look at few of the security flaws in the protocol over the years. The finally look at security and performance improvements in TLS 1.3. Lastly why should this affect you as a systems engineer, system administrator, developer or even as a normal user.

Requirements

Basic understanding of how protocols work, basic understanding of cryptography.

Speaker bio

I work as a Principal Product Security Engineer with Red Hat. I have been involved with high impact security flaws specially related to SSL/TLS over the last 10 years. I am a part of various upstream security teams and a contributor to Fedora security team.

Slides

https://www.slideshare.net/HuzaifaSidhpurwala/rootconf2019

Comments

{{ errorMsg }}

You need to be a participant to comment.

Login to leave a comment