tls usage in russian domain space
play

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 - PowerPoint PPT Presentation

Feb 26, 2024 •130 likes •329 views

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017 Copenhagen, Denmark TLS: brief history SSLv2 deprecated (RFC 6176) SSLv3 deprecated (RFC 7568) TLS 1.0 RFC 2246 (1999) TLS 1.1

  1. TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017 Copenhagen, Denmark

  2. TLS: brief history • SSLv2 deprecated (RFC 6176) • SSLv3 deprecated (RFC 7568) • TLS 1.0 – RFC 2246 (1999) • TLS 1.1 – RFC 4346 (2006) • TLS 1.2 – RFC 5246 (2008) Waiting for TLS 1.3! Source: https://www.trustworthyinternet.org/ssl-pulse/

  3. Ubiquitous encryption!  >50% of traffic is encrypted (2016)  New protocol require encryption by design  Hosters enable TLS by default  Universal SSL  DNS – the last major unprotected protocol  RFC 7626

  4. Russian Domains  RU (since 1994) – more than 5 500 000 РФ ( since 2010) – more than 900 000   The largest IDN domain in the world!  SU (since 1990) – about 120 000 New gTLDs: .ДЕТИ, .TATAR   3rd-level domains Geographical, generic…  Company Logo

  5. TLDStat: overview  Project of CCTLD .RU and Technical Center of Internet  Based on Registry data  Domains: .RU, .SU, . РФ… http://statdom.ru/  Domain .LV http://tldstat.com/  Public and limited access to data Company Logo

  6. TldStat Sour с e: http://statdom.ru/

  7. Powerful reporting tool Reports  By region  By age of the domain  By registrar  All you want! Company Logo

  8. Various forms of visualization Sour с e: http://statdom.ru/

  9. TLS: methodology Collecting the TLS statistics  Process all the domains in .RU  443 port  Collect certificates  Build chains of trust to browser roots  Profit! Full description: http://statdom.ru/about/glossary Company Logo

  10. Amount of certificates in .RU 250000 200000 150000 Self-signed 100000 Valid 50000 0 July 2015 Apr 2016 Jan 2017 Company Logo

  11. .RU: сертификаты Certificates:  July 2015: 28 000  Feb 2017: 226 000 Web-sites:  July 2015: 34 000  Feb 2017: 258 000 Company Logo

  12. .RU: CA distribution 1. Let’s Encrypt – 46% 2. Cloudflare – 15,5% 3. cPanel – 13,5% 4. Globalsign – 10% Let’s Encrypt appeared in March 2016 and provided a significant growth Company Logo

  13. .RU: CA migrations Gainers Losers 1. Let’s Encrypt 1. WoSign -900 +3000 2. GlobalSign -600 2. StartCom +700 3. COMODO (EC+RSA) +300 Total migration: 4500 / 45000 (Jan-Aug 2016) 5500 / 94000 (Aug 2016 – Feb 2017) Signed month later – 90%+ Company Logo

  14. .RU: algorithms  SHA1: 13% => 0.05% (116 certs)  RSA: ~85%  EC: ~15%  Maximum in March 2016: 32% Company Logo

  15. Interesting facts  Almost all EC certificates are from Cloudflare  ~70% certificates are free or parts of bundle  ~600 EV certificates  More at 3 rd level  NO correlation between EV and DNSSec  MX STARTTLS: 70% IP-addresses Company Logo

  16. What do users think  TLS is about encryption  No. You should authenticate the 2nd party  Green locks save  No. Domain with similar name + Certificate for free = PHISHING  Use EV certificates! And explain it to your clients… Company Logo

  17. What are we to worry about  Mobile applications  Certificate validation errors  Both on iDevices and Android  VPNs for Android are not secure enough  TLS termination  The most protected software are browsers.  TLS proxies have a lot of errors https://madiba.encs.concordia.ca/~x_decarn/pap ers/tls-proxy-ndss2016.pdf Company Logo

  18. How to protect yourself Problem: ANY CA can issue a certificate for ANY domain Solutions:  DANE  Certificate transparency  Certificate pinning Company Logo

  19. Questions ? Email: beldmit@tcinet.ru

Recommend

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage

Optimizing for Space and Time Optimizing for Space and Time Usage with Speculative Par Usage with Speculative Partial ial Redundancy E Redundancy E limination limination Bernhard Scholz, University of Sydney, Australia Nigel Horspool,

661 views • 33 slides
COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1

COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1

COOPERATION CAPABILITIES for ESCAP: Space Applications Developed by Russian Space Systems 1 1 EXPERTISE Space systems Ground facilities Navigation Communication, Space Space Ground control facility broadcasting Data

424 views • 5 slides
The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function

The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function

The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Function Jrmy Jean 1 joint work with: Jian Guo 1 Gatan Leurent 2 Thomas Peyrin 1 Lei Wang 1 1 Nanyang Technological University, Singapore 2 INRIA, France

847 views • 40 slides
single information and exhibition space The Russian Health Care Week is firmly on the Russian

single information and exhibition space The Russian Health Care Week is firmly on the Russian

UNIQUE FORMAT: single information and exhibition space The Russian Health Care Week is firmly on the Russian Ministry of Health Care event calendar. Russias key platform showcasing medical equipment, supplies and other health care

274 views • 11 slides
Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ

Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ

Space Weather - Key Element for Space Domain Awareness 15 Apr 15 Maj Gen Steve Denker HQ AFSPC/A2/3/6 This briefing is for information only. No US Government commitment to sell, loan, lease, co-develop or co-produce defense articles or

182 views • 7 slides
Recent Developments in the Domain Name Space Interna'onalized

Recent Developments in the Domain Name Space Interna'onalized

Recent Developments in the Domain Name Space Interna'onalized Domain Names and New Generic Top-Level Domains Agenda Overview of domain names Internationalized

244 views • 23 slides
Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space

Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space

Chapter 7 The Application Layer DNS The Domain Name System The DNS Name Space Resource Records Name Servers The DNS Name Space A portion of the Internet domain name space. Resource Records The principal DNS resource

1.38k views • 89 slides
I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision

I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision

I. Introduction II. Collision of Domain Walls in 5D Minkowski Space III. Reheating by Collision of Branes IV. Fermion Localization at Collision V. Collision of Domain Walls in Asymptotically AdS Space VI. Summary Kei-ichi Maeda Waseda Univ.

451 views • 26 slides
Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space

Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space

Domain Name Commission v DomainTools Case re unauthorized access to .nz domain name space Overview The Domain Name Commission who we are What this action is about and why we took action in the US Current position What others

179 views • 6 slides
Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019

Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019

Columbia University Fiscal Year 2019 Space Inventory and Functional Usage Training May 2019 Background 1. Background 2. Space Survey Overview 3. Space Survey Process -Complete Space Survey 4. Project Support 5. Questions 6. Appendices

775 views • 61 slides
Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon

Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon

Cost Semantics for Space Usage in a Parallel Language Daniel Spoonhower Carnegie Mellon University (Joint work with Guy Blelloch & Robert Harper) DAMP 16 Jan 2007 Understanding How Programs Compute Interested in intensional behavior of

618 views • 42 slides
VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin

VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin

VAST: Visibility Across Space and Time Architecture & Usage Matthias Vallentin matthias@bro.org BroCon August 19, 2014 2 / 27 3 / 27 4 / 27 Outline 1. Introduction: VAST 2. Architecture Overview Example Workflow: Query Data Model

485 views • 46 slides
Free-Space Optical Interconnect: an Alternative Optical Domain Electrical Electrical Domain

Free-Space Optical Interconnect: an Alternative Optical Domain Electrical Electrical Domain

12/5/10 Initial Results of Prototyping a 3-D Integrated Intra-Chip Free-Space Optical Interconnect Berkehan Ciftcioglu, Rebecca Berman, Jian Zhang, Zach Darling, Alok Garg , Jianyun Hu, Manish Jain, Peng Liu, Ioannis Savidis, Shang Wang, Jing

607 views • 12 slides
The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space

The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space

The spectrum of the Laplacian in a domain bounded by a flexible polyhedron in Euclidean space does not always remain unaltered during the flex Victor Alexandrov Sobolev Institute of Mathematics and Novosibirsk State University, Russia July 8,

567 views • 18 slides
Space in EDA - RTO

Space in EDA - RTO

ESA and the domain of security and defence Space in EDA - RTO

755 views • 48 slides
Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and

Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and

Introduction and Motivation Our basic picture DWs in de-Sitter space and its global structure Conclusion and Outlook Conclusion Local and global structure of domain wall space-time Yu-Huei Wu 1. Center for Mathematics and Theoretical Physics,

405 views • 22 slides
Master 2009-07-01 System and Network Engineering Cornel de Jong Domain Name Space and

Master 2009-07-01 System and Network Engineering Cornel de Jong Domain Name Space and

Master 2009-07-01 System and Network Engineering Cornel de Jong Domain Name Space and Resource Records Name servers Resolvers (root) Used for: Browsing Mail ... arpa com net nl se VoIP Etc in-addr

507 views • 16 slides
FOR RUSSIAN AUDIENCES WORLDWIDE FILMBOX box RUSSIA Created and available for Russian speaking

FOR RUSSIAN AUDIENCES WORLDWIDE FILMBOX box RUSSIA Created and available for Russian speaking

FOR RUSSIAN AUDIENCES WORLDWIDE FILMBOX box RUSSIA Created and available for Russian speaking audience all over the world with exclusively Russian content. 24 HOURS A DAY, 7 DAYS A WEEK! SPIINTL.com FILMBOX box RUSSIA The channel has over

502 views • 11 slides
Russian Nights in Switzerland Concept Russian Nights in Switzerland is a very special

Russian Nights in Switzerland Concept Russian Nights in Switzerland is a very special

Russian Nights in Switzerland Concept Russian Nights in Switzerland is a very special whole-year entertainment project for Russians living and travelling in Switzerland. Russian Nights in Switzerland include six various events leading to

707 views • 39 slides
Russian Annexation of Crimea Class 9 Ukraine through history Kiev is cradle of Russian

Russian Annexation of Crimea Class 9 Ukraine through history Kiev is cradle of Russian

Russian Annexation of Crimea Class 9 Ukraine through history Kiev is cradle of Russian civilization. Then occupied by Mongols, Tatars and Lithuanians. Autonomous part of Russian empire until 1764. Ukraine through history

689 views • 19 slides
Kernel Methods Barnabs Pczos Outline Quick Introduction Feature space Perceptron

Kernel Methods Barnabs Pczos Outline Quick Introduction Feature space Perceptron

Kernel Methods Barnabs Pczos Outline Quick Introduction Feature space Perceptron in the feature space Kernels Mercers theorem Finite domain Arbitrary domain Kernel families Constructing new kernels from

1.13k views • 100 slides
A posteriori error estimates for space-time domain decomposition method for two-phase flow

A posteriori error estimates for space-time domain decomposition method for two-phase flow

A posteriori error estimates for space-time domain decomposition method for two-phase flow problem Sarah Ali Hassan, Elyes Ahmed, Caroline Japhet, Michel Kern, Martin Vohralk INRIA Paris & ENPC (project-team SERENA), University Paris 13

728 views • 71 slides
Environmental Objectives of the Russian American Observation Satellites (RAMOS) T. Humpherys

Environmental Objectives of the Russian American Observation Satellites (RAMOS) T. Humpherys

Environmental Objectives of the Russian American Observation Satellites (RAMOS) T. Humpherys A.T. Stair V. Sinelshchikov R. Anderson I. Schiller V. Abramov Utah State University/ V. Misnik Space Dynamics Visidyne Inc. TsNPO Kometa

444 views • 17 slides
Russian Energy Strategy and Modernization of Russian Economy (Oil & Gas as Russias 6 th

Russian Energy Strategy and Modernization of Russian Economy (Oil & Gas as Russias 6 th

Russian Energy Strategy and Modernization of Russian Economy (Oil & Gas as Russias 6 th innovative cluster) Dr. Andrey A.Konoplyanik , Director on Energy Markets Regulations, Project Leader, Foundation Institute for Energy &

593 views • 18 slides

More recommend