Name: Proxying Sensitive TLS Operations in Open Source - Susan Hinrichs & Dave Thompson, Yahoo
Start: 2016-05-12T16:40:00-0700
End: 2016-05-12T17:30:00-0700

Back To Schedule

Proxying Sensitive TLS Operations in Open Source - Susan Hinrichs & Dave Thompson, Yahoo

The private key is the linchpin to web server authentication. If an attacker gains the private key to yahoo.com, he can set up another server that will authenticate without error as yahoo.com. In a content delivery network, the private key must be distributed to all Edge devices, creating a bigger attack surface. In this presentation, Susan and Dave describe how they augmented Apache Traffic Server using openssl engines to work with a CryptoProxy server hosted in a more secure location. They analyze the costs and benefits and show that not only does a CryptoProxy solution increase security but it also improves performance in many cases. While their solution uses Apache Traffic Server similar techniques could be used for other network servers.

Speakers

Susan Hinrichs

Technical Yahoo, Yahoo

Susan Hinrichs is a member of Yahoo’s Edge team. Susan is a committer and PMC member on Apache Traffic Server where she has implemented TLS extensions and state machine fixes. She earned a PhD in CS from Carnegie Mellon and worked on security policy at Cisco Systems. Susan spent... Read More →

Dave Thompson

Yahoo

CryptoProxy ApacheCon 2016 pdf

Thursday May 12, 2016 4:40pm - 5:30pm PDT
Plaza B

Web Server, Intermediate

ApacheCon 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Susan Hinrichs

Dave Thompson

Attendees (24)