tls usage in russian domain space
play

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 - PowerPoint PPT Presentation

Feb 26, 2024 •130 likes •329 views

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017 Copenhagen, Denmark TLS: brief history SSLv2 deprecated (RFC 6176) SSLv3 deprecated (RFC 7568) TLS 1.0 RFC 2246 (1999) TLS 1.1

  1. TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017 Copenhagen, Denmark

  2. TLS: brief history • SSLv2 deprecated (RFC 6176) • SSLv3 deprecated (RFC 7568) • TLS 1.0 – RFC 2246 (1999) • TLS 1.1 – RFC 4346 (2006) • TLS 1.2 – RFC 5246 (2008) Waiting for TLS 1.3! Source: https://www.trustworthyinternet.org/ssl-pulse/

  3. Ubiquitous encryption!  >50% of traffic is encrypted (2016)  New protocol require encryption by design  Hosters enable TLS by default  Universal SSL  DNS – the last major unprotected protocol  RFC 7626

  4. Russian Domains  RU (since 1994) – more than 5 500 000 РФ ( since 2010) – more than 900 000   The largest IDN domain in the world!  SU (since 1990) – about 120 000 New gTLDs: .ДЕТИ, .TATAR   3rd-level domains Geographical, generic…  Company Logo

  5. TLDStat: overview  Project of CCTLD .RU and Technical Center of Internet  Based on Registry data  Domains: .RU, .SU, . РФ… http://statdom.ru/  Domain .LV http://tldstat.com/  Public and limited access to data Company Logo

  6. TldStat Sour с e: http://statdom.ru/

  7. Powerful reporting tool Reports  By region  By age of the domain  By registrar  All you want! Company Logo

  8. Various forms of visualization Sour с e: http://statdom.ru/

  9. TLS: methodology Collecting the TLS statistics  Process all the domains in .RU  443 port  Collect certificates  Build chains of trust to browser roots  Profit! Full description: http://statdom.ru/about/glossary Company Logo

  10. Amount of certificates in .RU 250000 200000 150000 Self-signed 100000 Valid 50000 0 July 2015 Apr 2016 Jan 2017 Company Logo

  11. .RU: сертификаты Certificates:  July 2015: 28 000  Feb 2017: 226 000 Web-sites:  July 2015: 34 000  Feb 2017: 258 000 Company Logo

  12. .RU: CA distribution 1. Let’s Encrypt – 46% 2. Cloudflare – 15,5% 3. cPanel – 13,5% 4. Globalsign – 10% Let’s Encrypt appeared in March 2016 and provided a significant growth Company Logo

  13. .RU: CA migrations Gainers Losers 1. Let’s Encrypt 1. WoSign -900 +3000 2. GlobalSign -600 2. StartCom +700 3. COMODO (EC+RSA) +300 Total migration: 4500 / 45000 (Jan-Aug 2016) 5500 / 94000 (Aug 2016 – Feb 2017) Signed month later – 90%+ Company Logo

  14. .RU: algorithms  SHA1: 13% => 0.05% (116 certs)  RSA: ~85%  EC: ~15%  Maximum in March 2016: 32% Company Logo

  15. Interesting facts  Almost all EC certificates are from Cloudflare  ~70% certificates are free or parts of bundle  ~600 EV certificates  More at 3 rd level  NO correlation between EV and DNSSec  MX STARTTLS: 70% IP-addresses Company Logo

  16. What do users think  TLS is about encryption  No. You should authenticate the 2nd party  Green locks save  No. Domain with similar name + Certificate for free = PHISHING  Use EV certificates! And explain it to your clients… Company Logo

  17. What are we to worry about  Mobile applications  Certificate validation errors  Both on iDevices and Android  VPNs for Android are not secure enough  TLS termination  The most protected software are browsers.  TLS proxies have a lot of errors https://madiba.encs.concordia.ca/~x_decarn/pap ers/tls-proxy-ndss2016.pdf Company Logo

  18. How to protect yourself Problem: ANY CA can issue a certificate for ANY domain Solutions:  DANE  Certificate transparency  Certificate pinning Company Logo

  19. Questions ? Email: beldmit@tcinet.ru

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage with Speculative Partial ial Redundancy E Redundancy E limination limination Bernhard Scholz, University of Sydney, Australia Nigel Horspool,

661 views • 33 slides
COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1

COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1

COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1 EXPERTISE Space systems Ground facilities Navigation Communication, Space Space Ground control facility broadcasting Data

424 views • 5 slides
The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function

The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function

The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function Jrmy Jean 1 joint work with: Jian Guo 1 Gatan Leurent 2 Thomas Peyrin 1 Lei Wang 1 1 Nanyang Technological University, Singapore 2 INRIA, France

847 views • 40 slides
single information and exhibition space The Russian Health Care Week is firmly on the Russian

single information and exhibition space The Russian Health Care Week is firmly on the Russian

UNIQUE FORMAT: single information and exhibition space The Russian Health Care Week is firmly on the Russian Ministry of Health Care event calendar. Russias key platform showcasing medical equipment, supplies and other health care

274 views • 11 slides
Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ

Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ

Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ AFSPC/A2/3/6 This briefing is for information only. No US Government commitment to sell, loan, lease, co-develop or co-produce defense articles or

182 views • 7 slides
Recent Developments in the Domain Name Space Interna'onalized

Recent Developments in the Domain Name Space Interna'onalized

Recent Developments in the Domain Name Space Interna'onalized Domain Names and New Generic Top-Level Domains Agenda Overview of domain names Internationalized

244 views • 23 slides
Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space

Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space

Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space Resource Records Name Servers The DNS Name Space A portion of the Internet domain name space. Resource Records The principal DNS resource

1.38k views • 89 slides
I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision

I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision

I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision of Branes IV. Fermion Localization at Collision V. Collision of Domain Walls in Asymptotically AdS Space VI. Summary Kei-ichi Maeda Waseda Univ.

451 views • 26 slides
Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space

Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space

Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space Overview The Domain Name Commission who we are What this action is about and why we took action in the US Current position What others

179 views • 6 slides
Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019

Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019

Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019 Background 1. Background 2. Space Survey Overview 3. Space Survey Process -Complete Space Survey 4. Project Support 5. Questions 6. Appendices

775 views • 61 slides
Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon

Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon

Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon University (Joint work with Guy Blelloch & Robert Harper) DAMP 16 Jan 2007 Understanding How Programs Compute Interested in intensional behavior of

618 views • 42 slides
VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin

VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin

VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin matthias@bro.org BroCon August 19, 2014 2 / 27 3 / 27 4 / 27 Outline 1. Introduction: VAST 2. Architecture Overview Example Workflow: Query Data Model

485 views • 46 slides
Free-Space Optical Interconnect: an Alternative Optical Domain Electrical Electrical Domain

Free-Space Optical Interconnect: an Alternative Optical Domain Electrical Electrical Domain

12/5/10 Initial Results of Prototyping a 3-D Integrated Intra-Chip Free-Space Optical Interconnect Berkehan Ciftcioglu, Rebecca Berman, Jian Zhang, Zach Darling, Alok Garg , Jianyun Hu, Manish Jain, Peng Liu, Ioannis Savidis, Shang Wang, Jing

607 views • 12 slides
The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space

The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space

The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space does not always remain unaltered during the flex Victor Alexandrov Sobolev Institute of Mathematics and Novosibirsk State University, Russia July 8,

567 views • 18 slides
Space in EDA - RTO

Space in EDA - RTO

ESA and the domain of security and defence Space in EDA - RTO

755 views • 48 slides
Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and

Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and

Introduction and Motivation Our basic picture DWs in de-Sitter space and its global structure Conclusion and Outlook Conclusion Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and Theoretical Physics,

405 views • 22 slides
INVESTOR PRESENTATION - March 2019 - IGNITING BUSINESS INTELLIGENCE Private Blockchain Data

INVESTOR PRESENTATION - March 2019 - IGNITING BUSINESS INTELLIGENCE Private Blockchain Data

INVESTOR PRESENTATION - March 2019 - IGNITING BUSINESS INTELLIGENCE Private Blockchain Data Management Solutions Disclaimer This presentation is confidential and contains proprietary non- public information regarding Graph Blockchain Inc. (the

531 views • 15 slides
Learning and Creating Through Songs & Books From Twinkle, Twinkle Little Star to George

Learning and Creating Through Songs & Books From Twinkle, Twinkle Little Star to George

Learning and Creating Through Songs & Books From Twinkle, Twinkle Little Star to George Washington With Cantata Learning When I was a teachers Assistant in the Kindergarten room at Friends School of Minneapolis, Music was one of our

622 views • 50 slides
Balanced Literacy Balanced Literacy M A R Y R O W L A N D S O N E L E M E N T A R Y S CH O O L

Balanced Literacy Balanced Literacy M A R Y R O W L A N D S O N E L E M E N T A R Y S CH O O L

Balanced Literacy Balanced Literacy M A R Y R O W L A N D S O N E L E M E N T A R Y S CH O O L M A R Y R O W L A N D S O N E L E M E N T A R Y S CH O O L 2 0 13 To create independent readers readers, competent writers, articulate i

534 views • 16 slides
2020-2021 Campus Budget Federal & S CE Programs Director Budget Allocations - DUE on TEAMS

2020-2021 Campus Budget Federal & S CE Programs Director Budget Allocations - DUE on TEAMS

By: Rebecca Castaeda 2020-2021 Campus Budget Federal & S CE Programs Director Budget Allocations - DUE on TEAMS by June 22, 2020 As part of ES S A we must have an S upplement not S upplant (S NS ) Methodology Funding

450 views • 17 slides
SUSTAINABILITY OF NATIONAL BAR ASSOCIATION: REFLECTION ON MISCELLANEOUS AMENDMENTS ACT NO. 2 OF

SUSTAINABILITY OF NATIONAL BAR ASSOCIATION: REFLECTION ON MISCELLANEOUS AMENDMENTS ACT NO. 2 OF

SUSTAINABILITY OF NATIONAL BAR ASSOCIATION: REFLECTION ON MISCELLANEOUS AMENDMENTS ACT NO. 2 OF 2018 Prof. John Eudes Ruhangisa (PhD) Advocate A Paper r for r prese esent ntati tion on durin ring g the e Tanga nganyi nyika ka Law

208 views • 16 slides
Port Community Liaison Committee Land Operations & Trucking Update June 23, 2016 Truck

Port Community Liaison Committee Land Operations & Trucking Update June 23, 2016 Truck

Port Community Liaison Committee Land Operations & Trucking Update June 23, 2016 Truck Licensing Reform Overview Key changes of the 2015 Local TLS Program Reform: Province established the Office of the BC Container T rucking

325 views • 8 slides
NT Planning Project (aka Transmission Load Service Initiative - TLS) NETWORK OPERATING COMMITTEE

NT Planning Project (aka Transmission Load Service Initiative - TLS) NETWORK OPERATING COMMITTEE

B O N N E V I L L E P O W E R A D M I N I S T R A T I O N NT Planning Project (aka Transmission Load Service Initiative - TLS)

310 views • 11 slides
Policy Adviser The Law Society The Law Society approach The Law Society approach First, a

Policy Adviser The Law Society The Law Society approach The Law Society approach First, a

James Woolf Policy Adviser The Law Society The Law Society approach The Law Society approach First, a little bit of history.... HERMAN OUSELEY Independent Review into Disproportionate Regulatory Outcomes for Black and Minority Ethnic

455 views • 18 slides

More recommend