If you're not using HTTPS, your website is bad, and you should feel bad!

Room: 
Room 4
Time Slot: 
4:20pm

In 2014, the IETF adopted ""Pervasive Monitoring Is an Attack"" as a best current practice (IETF RFC 7258). Passive monitoring includes someone sniffing a coffee shop's open wifi all the way to the three letter agencies monitoring the internet backbone. And there's an easy way to stop this type of attack: use HTTPS. It's been around for decades, and now it's now considered best current practice. START USING HTTPS!

With the advent of Let's Encrypt and StartSSL, who are giving away SSL certificates for free, there's no excuse anymore to serve your websites over an unencrypted connection. In this talk I will go over how to setup a free SSL certificate and install it on your website. Even if your website is a personal blog, small forum, or conference website (*hint*), you should be using https by default.