Get your basic shit together

• Encrypt everything!
  • even "internal" systems
  • SPDY & HTTP/2 are TLS only for a reason
• No mixed content!
  • HTTPS everywhere!
• HTTP Strict Transport Security (HSTS)
  • Use TLS every time!

Get your basic shit together (2)

• Don't use broken protocol versions
  • only use TLSv1+
  • if there's some SSL, you're doing it wrong!
• Don't use broken ciphers
  • ensure forward secrecy
    • DHE, with strong parameters (2048+ bits)
    • ECDHE if you're desperate
  • only proven ciphers like AES
    • lol, RC4, wtf, 3DES

Get your basic shit together (3)

• Only Open Source libraries can be secure
  • Looking at you, SChannel Remote Code Execution
• Update your crappy libraries
  • Looking at you, openssl!

Get your advanced shit together

• Replace your crappy libraries
  • libressl, drop-in openssl replacement
• HTTP Public Key Pinning (HPKP)
  • the CA system is inherently broken
  • Certificate Transparency (Google) is no solution
  • use Let's Encrypt for trust on first connect

Get your advanced shit together (2)

• Don't use shady crypto
  • TLS elliptic curves by NIST^WNSA are not secure
    • P-224, P-256, secp256k, …
    • used for ECDHE, use DHE
    • used in ECDSA, use RSA
    • use e.g. DJB curves instead: ed25519 (not in TLS)
  • GCM is complex & difficult to implement safely
  • Recommended ciphers:
    • DHE-RSA-CHACHA20-POLY1309
    • DHE-RSA-AES256-SHA256 (AES128, SHA fine too)