FITC, profile picture
Uploaded byFITC
876 views

Upgrading the Web with Douglas Crockford @ FITC's Web Unleashed 2015

The document discusses the inadequacies of current web security practices, particularly regarding the use of URLs with embedded passwords and the need for improved cryptography. It proposes a transition plan for upgrading the web, advocating for collaboration between browser makers and secure sites to enhance security and application development without compromising existing functionalities. The text emphasizes the importance of a decentralized approach to trust management and global uniqueness in identifiers.

Embed presentation

Download to read offline
Upgrading the Web A Prospectus
Apology
The Web
Security
Passwords
RFC 1738 December 1994 // user : password @ host : port / url-path The use of URLs containing passwords that should be secret is clearly unwise.
What’s wrong with the Web?
What’s wrong with the Web? Insecure Complex
HTTP Key : value pairs Negotiation Request/response protocol
DNS
SSL
Certi cate Authorities
HTML
Templating
Document Object Model
CSS
JavaScript
Many Have Tried • Microsoft, Apple, Adobe, Oracle, many more. • In most cases, the technology was much better. • In most cases, the solution was not open. • There was no transition.
Upgrade the Web. Keep the things it does well.
HDTV
Helper App
Transition Plan • Convince one progressive browser maker to integrate. • Convince one secure site to require its customers to use that browser. • Risk mitigation will compel the other secure sites. • Competitive pressure will move the other browser makers. • The world will follow for improved security and faster application development. • Nothing breaks!
Strong Cryptography • ECC 521 • AES 256 • SHA 3-256
Zooko’s Triangle Human Meaningful Securely Unique Global: Decentralized
ECC521 public keys as unique identifiers
Secure JSON over TCP
web: publickey @ ipaddress / capability
Trust Management Petnames
Vat
Cooperation under mutual suspicion.
JavaScript Message Server Qt
The Old Web: Promiscuity The New Web: Commitment
There’s nothing new here.
In the meantime, keep doing what you’re doing.
Hope
KEEP CALM AND JS ON

More Related Content

PPTX
Managing Traffic Spikes This Holiday Season
byCloudflare
 
PDF
Supporting large scale React applications
byMaurice De Beijer [MVP]
 
PDF
NOSQL in the Cloud
bySergey Shishkin
 
PDF
The Hardest Part of Microservices: Your Data - Christian Posta, Red Hat
byAmbassador Labs
 
PPTX
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
byCloudflare
 
PDF
Intro to Baqend
byFelix Gessert
 
PPTX
Altitude San Francisco 2018: Preparing for Video Streaming Events at Scale
byFastly
 
PDF
Solving trust issues at scale - Omer Levi Hevroni
byDevOpsDays Tel Aviv
 
Managing Traffic Spikes This Holiday Season
byCloudflare
 
Supporting large scale React applications
byMaurice De Beijer [MVP]
 
NOSQL in the Cloud
bySergey Shishkin
 
The Hardest Part of Microservices: Your Data - Christian Posta, Red Hat
byAmbassador Labs
 
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
byCloudflare
 
Intro to Baqend
byFelix Gessert
 
Altitude San Francisco 2018: Preparing for Video Streaming Events at Scale
byFastly
 
Solving trust issues at scale - Omer Levi Hevroni
byDevOpsDays Tel Aviv
 

What's hot

PDF
Cloud Native DevOps with cloud.gov Workshop
bydlapiduz
 
PPTX
Storing data in Redis like a pro
bySoluto
 
PPTX
Altitude SF 2017: Reddit - How we built and scaled r/place
byFastly
 
PDF
MongoDB World 2019: MongoDB Atlas Data Lake Technical Deep Dive
byMongoDB
 
PDF
VJUG 24 - Building microservices with Vert.x
byBert Jan Schrijver
 
PDF
Custom coded projects
byMarko Heijnen
 
PPTX
Building large scalable mission critical business applications on the web
byMaurice De Beijer [MVP]
 
PPTX
The art of decomposing monoliths - Kfir Bloch - Codemotion Amsterdam 2016
byCodemotion
 
PDF
GeekOut 2017 - Microservices in action at the Dutch National Police
byBert Jan Schrijver
 
PPTX
Why Wordnik went non-relational
byTony Tam
 
PPT
Create scalable and failure safe cluster MagentoCommerce using cloud hosting ...
byNeklo
 
PDF
Bloom Filters for Web Caching - Lightning Talk
byFelix Gessert
 
PPTX
Managing a MongoDB Deployment
byTony Tam
 
PDF
Automation for Anyone at Nutanix NEXT 2017 US
byChris Wahl
 
PDF
Dublin JUG February 2018 - Building microservices with Vert.x
byBert Jan Schrijver
 
PDF
Vert.x NL meetup October 2017 - Building microservices with Vert.x
byBert Jan Schrijver
 
PDF
JBCNConf 2017 - Building microservices with Vert.x
byBert Jan Schrijver
 
PDF
Malmberg meetup June 2018 - Building microservices with Vert.x
byBert Jan Schrijver
 
PDF
Rebuilding Legacy Apps with Domain-Driven Design - Lessons learned
byKacper Gunia
 
PPTX
Keeping the Lights On with MongoDB
byTony Tam
 
Cloud Native DevOps with cloud.gov Workshop
bydlapiduz
 
Storing data in Redis like a pro
bySoluto
 
Altitude SF 2017: Reddit - How we built and scaled r/place
byFastly
 
MongoDB World 2019: MongoDB Atlas Data Lake Technical Deep Dive
byMongoDB
 
VJUG 24 - Building microservices with Vert.x
byBert Jan Schrijver
 
Custom coded projects
byMarko Heijnen
 
Building large scalable mission critical business applications on the web
byMaurice De Beijer [MVP]
 
The art of decomposing monoliths - Kfir Bloch - Codemotion Amsterdam 2016
byCodemotion
 
GeekOut 2017 - Microservices in action at the Dutch National Police
byBert Jan Schrijver
 
Why Wordnik went non-relational
byTony Tam
 
Create scalable and failure safe cluster MagentoCommerce using cloud hosting ...
byNeklo
 
Bloom Filters for Web Caching - Lightning Talk
byFelix Gessert
 
Managing a MongoDB Deployment
byTony Tam
 
Automation for Anyone at Nutanix NEXT 2017 US
byChris Wahl
 
Dublin JUG February 2018 - Building microservices with Vert.x
byBert Jan Schrijver
 
Vert.x NL meetup October 2017 - Building microservices with Vert.x
byBert Jan Schrijver
 
JBCNConf 2017 - Building microservices with Vert.x
byBert Jan Schrijver
 
Malmberg meetup June 2018 - Building microservices with Vert.x
byBert Jan Schrijver
 
Rebuilding Legacy Apps with Domain-Driven Design - Lessons learned
byKacper Gunia
 
Keeping the Lights On with MongoDB
byTony Tam
 

Viewers also liked

PPTX
CSS: A Slippery Slope to the Backend
byFITC
 
PDF
Design that’s easy on the brain
byFITC
 
PPT
! or ? with Chip Kidd
byFITC
 
PDF
The Power of Play in Experimental Design with Claudia Chagüi De León
byFITC
 
PPTX
Web unleashed 2015-tammyeverts
byFITC
 
PDF
Squishy pixels
byFITC
 
PDF
I Heard React Was Good
byFITC
 
PDF
Customizing Your Process
byFITC
 
PDF
5 Things Every Designer Should be Doing Right Now
byFITC
 
PDF
Getting to Know Grunt By Writing Your Own Plugin
byFITC
 
PDF
The Little Shop of TDD Horrors
byFITC
 
PDF
Technolust: Kitbashing the Future
byFITC
 
PDF
The Working Dead
byFITC
 
PPTX
21st Century Crystal Ball
byFITC
 
PPTX
Your UX is not my UX
byFITC
 
PDF
Why Everyone Should Own a Giant Robot Arm
byFITC
 
PDF
How to SURVIVE the Creative Industry
byFITC
 
PDF
My Type of Life
byFITC
 
PDF
Adapt or Die
byFITC
 
CSS: A Slippery Slope to the Backend
byFITC
 
Design that’s easy on the brain
byFITC
 
! or ? with Chip Kidd
byFITC
 
The Power of Play in Experimental Design with Claudia Chagüi De León
byFITC
 
Web unleashed 2015-tammyeverts
byFITC
 
Squishy pixels
byFITC
 
I Heard React Was Good
byFITC
 
Customizing Your Process
byFITC
 
5 Things Every Designer Should be Doing Right Now
byFITC
 
Getting to Know Grunt By Writing Your Own Plugin
byFITC
 
The Little Shop of TDD Horrors
byFITC
 
Technolust: Kitbashing the Future
byFITC
 
The Working Dead
byFITC
 
21st Century Crystal Ball
byFITC
 
Your UX is not my UX
byFITC
 
Why Everyone Should Own a Giant Robot Arm
byFITC
 
How to SURVIVE the Creative Industry
byFITC
 
My Type of Life
byFITC
 
Adapt or Die
byFITC
 

Similar to Upgrading the Web with Douglas Crockford @ FITC's Web Unleashed 2015

PPTX
Web Exploitation Security
byAman Singh
 
PPTX
Burp Suite is a powerful and widely-used tool
bywaudit1
 
PPT
Web security
byMuhammad Usman
 
PDF
Web 2 0 Security defending Ajax Ria and Soa 1st Edition Shreeraj (Shreeraj Sh...
bysheqjakokali
 
PDF
XCS110_All_Slides.pdf
byssuser01066a
 
PPTX
Understanding-Web-Communication-HTTP-vs-HTTPS.pptx
bydevilkiller2311
 
PDF
Web Security Field Guide 1st Edition Steve Kalman
byonateullumfs
 
PDF
Web 20 Security Defending Ajax Ria And Soa Shreeraj Shah
bygqkbolrijy636
 
PDF
The SSL Problem and How to Deploy SHA2 Certificates
byGabriella Davis
 
PDF
Web Security Privacy And Commerce 2nd Edition Second Edition Simson Garfinkel
bytaraghmenti41
 
PDF
The web‘s next adventure(s)
byRakuten Group, Inc.
 
PPTX
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
byHeroku
 
PPTX
Confidence web
byDan Kaminsky
 
PPTX
Why we need a more Ethical Web
byDaniel Appelquist
 
PDF
WordCamp US: Delivering the news over HTTPS
byPaul Schreiber
 
PPT
Powering the digital frontier with web technologies.
bydaniel2004durango
 
PPT
Dmk bo2 k8_ccc
byDan Kaminsky
 
PPTX
Web security
bytruong nguyen
 
PDF
Security at Scale - Lessons from Six Months at Yahoo
byAlex Stamos
 
PDF
Hhs en10 web_security_and_privacy
byShoaib Sheikh
 
Web Exploitation Security
byAman Singh
 
Burp Suite is a powerful and widely-used tool
bywaudit1
 
Web security
byMuhammad Usman
 
Web 2 0 Security defending Ajax Ria and Soa 1st Edition Shreeraj (Shreeraj Sh...
bysheqjakokali
 
XCS110_All_Slides.pdf
byssuser01066a
 
Understanding-Web-Communication-HTTP-vs-HTTPS.pptx
bydevilkiller2311
 
Web Security Field Guide 1st Edition Steve Kalman
byonateullumfs
 
Web 20 Security Defending Ajax Ria And Soa Shreeraj Shah
bygqkbolrijy636
 
The SSL Problem and How to Deploy SHA2 Certificates
byGabriella Davis
 
Web Security Privacy And Commerce 2nd Edition Second Edition Simson Garfinkel
bytaraghmenti41
 
The web‘s next adventure(s)
byRakuten Group, Inc.
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
byHeroku
 
Confidence web
byDan Kaminsky
 
Why we need a more Ethical Web
byDaniel Appelquist
 
WordCamp US: Delivering the news over HTTPS
byPaul Schreiber
 
Powering the digital frontier with web technologies.
bydaniel2004durango
 
Dmk bo2 k8_ccc
byDan Kaminsky
 
Web security
bytruong nguyen
 
Security at Scale - Lessons from Six Months at Yahoo
byAlex Stamos
 
Hhs en10 web_security_and_privacy
byShoaib Sheikh
 

More from FITC

PDF
HyperLight Websites
byFITC
 
PDF
Profiling JavaScript Performance
byFITC
 
PPTX
Cut it up
byFITC
 
PDF
Rise of the JAMstack
byFITC
 
PDF
How to Pitch Your First AR Project
byFITC
 
PDF
Everyday Innovation
byFITC
 
PDF
East of the Rockies: Developing an AR Game
byFITC
 
PDF
Creating a Proactive Healthcare System
byFITC
 
PDF
The Power of Now
byFITC
 
PPTX
Surviving Your Tech Stack
byFITC
 
PDF
High Performance PWAs
byFITC
 
PDF
Projects Ain’t Nobody Got Time For
byFITC
 
PDF
Start by Understanding the Problem, Not by Delivering the Answer
byFITC
 
PDF
The Rise of the Creative Social Influencer (and How to Become One)
byFITC
 
PDF
Designing for Digital Health
byFITC
 
PDF
From Closed to Open: A Journey of Self Discovery
byFITC
 
PDF
Everything is Terrifying
byFITC
 
PDF
Cocaine to Carrots: The Art of Telling Someone Else’s Story
byFITC
 
PDF
World Transformation: The Secret Agenda of Product Design
byFITC
 
PDF
Post-Earth Visions: Designing for Space and the Future Human
byFITC
 
HyperLight Websites
byFITC
 
Profiling JavaScript Performance
byFITC
 
Cut it up
byFITC
 
Rise of the JAMstack
byFITC
 
How to Pitch Your First AR Project
byFITC
 
Everyday Innovation
byFITC
 
East of the Rockies: Developing an AR Game
byFITC
 
Creating a Proactive Healthcare System
byFITC
 
The Power of Now
byFITC
 
Surviving Your Tech Stack
byFITC
 
High Performance PWAs
byFITC
 
Projects Ain’t Nobody Got Time For
byFITC
 
Start by Understanding the Problem, Not by Delivering the Answer
byFITC
 
The Rise of the Creative Social Influencer (and How to Become One)
byFITC
 
Designing for Digital Health
byFITC
 
From Closed to Open: A Journey of Self Discovery
byFITC
 
Everything is Terrifying
byFITC
 
Cocaine to Carrots: The Art of Telling Someone Else’s Story
byFITC
 
World Transformation: The Secret Agenda of Product Design
byFITC
 
Post-Earth Visions: Designing for Space and the Future Human
byFITC
 

Recently uploaded

PPTX
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
PDF
Analyzing the data of your initial survey
byThelma Villaflores
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PPTX
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
PDF
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
PPTX
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
PPTX
Expected Revenue Report In Odoo 18 CRM
byCeline George
 
PPTX
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
PDF
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
PPTX
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
PPTX
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
PDF
Biology Practical Class 12th 2025 PDF(2)-2-52.pdf
bySCPRPWomenCollegeChi
 
PPTX
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
PPTX
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
PPTX
3 G8_Q3_L3_ (Cartoon as Representation in Opinion Editorial Article).pptx
byNorafeSahagun
 
PDF
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PPTX
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PPTX
Partial Correlation of Coefficient - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂
bySundar B N
 
10-12-2025 Francois Staring How can Researchers and Initial Teacher Educators...
byEduSkills OECD
 
Analyzing the data of your initial survey
byThelma Villaflores
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
Expected Revenue Report In Odoo 18 CRM
byCeline George
 
Accounting Skills Paper-II (Registers of PACs and Credit Co-operative Societies)
byDr. Sushil Bansode
 
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
Biology Practical Class 12th 2025 PDF(2)-2-52.pdf
bySCPRPWomenCollegeChi
 
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
3 G8_Q3_L3_ (Cartoon as Representation in Opinion Editorial Article).pptx
byNorafeSahagun
 
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
Partial Correlation of Coefficient - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂
bySundar B N
 

Upgrading the Web with Douglas Crockford @ FITC's Web Unleashed 2015