39
ᗦࢫᰂᣟ ڝ၇မ ᧨ᰁ೮Өᴠလ
2014 2017
• DNS • HTTP • HTTPS • • Q&A
Freepik Smashicons
DNS
1
2
CDN
3
• • •
•
DNS
• ISP •
• •
UDP
www.meituan.com IP
DNS
•DNS • •
com meituan.com
TTL
DNS
•
•
www.meituan.com IP
DNS
• hosts • DNS
• DNS • DNS
• •
DNS
1
2
DNS over XXX
• TLS (Cloudflare) • HTTP ( ) • HTTPS (Cloudflare Google)
Web
Content Security Policy
Content-Security-Policy: directive: rules;
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';
• • XSS • https
• http • •
Subresource Integrity
• hash
• http • • • iOS Safari
HTTPS
SSL/TLS http
HTTPS
80 HTTP
https://
443 TCP
HTTPS
SSL/TLS
SSL / TLS
SSL 1.0 N/A N/A N/A
SSL 2.0 1995
SSL 3.0 1996 IE 6
TLS 1.0 1999 IE 6 SSL 3.0
TLS 1.1 2006 IE 8
TLS 1.2 2008 IE 8
TLS 1.3 2018 Chrome 64
• : TLS • / : RSA • : AES_128_GCM • : SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
HTTPS
SSL/TLS
/
• “ ” “ ” • •
HTTPS
SSL/TLS
/
HTTP
( )
SSL strip
HTTP 80
https://
HTTP 80
SSL strip
https://
https://
http
HTTP Strict-Transport-Security
Strict-Transport-Security: max-age=
• HTTPS • 1 • Chrome
• HTTP • • Chrome “ ”
SSL / TLS (FREAK)
SSL
512 RSA
512 RSA
https://github.com/eniac/faas
The purpose of the FaaS (Factoring as a Service) project is to demonstrate that 512-bit integers can be factored in only a few hours, for less than $100 of compute time in a public cloud environment. This illustrates the amazing progress in computing power over time, and
the risk of continued use of 512-bit RSA keys.
“
”
512 $100
https://wiki.mozilla.org/Security/Server_Side_TLS
CDN
• •
!
"
CDN
CDN
• CDN • CDN
!
#
CDN
DNS
CDN
1
2 DNS CDN
CDN
CDN HTTP
CDN
• •
!
$
KA
RD
&
• • •
• 200 0 http • •
CDN gzip
• A•
• B html error• js
• C•
• D CSP SRI•
•URL
•
•
• Damocles
CDN
Damocles
-> -> ->
• 3 10,480,084
• 3 13 21 SRE
CDN PM
Q&A•
• Node.js? Service Worker? WebAssembly?
•
“ ”
![o } ð , v ] ð X l À v î ì î ì](https://static.dokumenty.site/doc/80x56/61686915d394e9041f6f674c/o-v-x-l-v-.jpg)
![~y[ k°/va±³ sfp]k/va } ªÝsöckw9 z R¾²} ¼UtwNoktPR¾®¶ Ù Ý} ÖówpPrP zX¡Éì¯z¼Ü} 0 z ®c Nk wpPrP zX ¸è£Èäz¸Ó Èè£Ç CTÛ¾òl}](https://static.dokumenty.site/doc/80x56/5e7e33471a7f497551228d78/y-k-va-sfpkva-sckw9-z-r-utwnoktpr-wpprp.jpg)
![MX-2610N/3110N/3610N Operation-Manual Quick …...3$5$0(75< 3DUDPHWU\Vt"RYpKRVNHQHUX 7\S %DUHYQêVNHQHU 5R]OLãHQtVNHQRYiQt KODYQtî YHUWLNiOQt î GSL î GSL î GSL î GSL î GSL î](https://static.dokumenty.site/doc/80x56/5ea55f844faa1a4c021835f1/mx-2610n3110n3610n-operation-manual-quick-35075-3dudphwuvtrypkrvnhqhux.jpg)
![2009 $ Þ è · 2018-06-14 · 4 ô 2009 d v $ Þ ÈMIGA 1 ¦ * Å Ë * 2 ù ý | [ ã I u 14 8 Ä È § æ é d ý [ ã " ö | 2008 d $ $ Å ] d ý [ ã ß | Ç P ô ] F ³ æ t](https://static.dokumenty.site/doc/80x56/5ec420f49c5fc433e32ccc3b/2009-2018-06-14-4-2009-d-v-miga-1-2-.jpg)
