Apache httpd and the Web Track
Wednesday 16:15 UTC
Apache's 25th Anniversary: a timeline of The Apache HTTP Server
Jim Jagielski, Nick Vidal
This year, the Apache HTTP Server Project celebrates its 25th Anniversary. In February 1995, a small group of webmasters known as the Apache Group came together with the goal of releasing a common distribution based on multiple "patches" to the NCSA HTTPd Server. The first public release of Apache was in April 1995 and, after a major re-architecture, Apache 1.0 was officially released in December 1995. Apache rapidly grew to become the most popular server on the Internet, playing a key role in the growth of the World Wide Web and Open Source. The goal of this talk to present a timeline of the Apache HTTP Server Project, highlighting the most important milestones of this amazing software and community.
Jim Jagielski:
Jim is a well known and acknowledged expert and visionary in Open Source and IT, an accomplished coder (in numerous languages) and frequent presenter/interviewee/consultant on all things Web and Cloud related. He is best known as one of the developers and co-founders of the Apache Software Foundation and has served as President and Chairman. He also served on the board, as well as President, for the Outercurve Foundation and was a director for the Open Source Initiative (OSI). Jim works for Uber as their Head of Open Source, after stints at ConsenSys, Capital One, Red Hat, VMware, and others.
Nick Vidal:
Nick Vidal has been an open source advocate for over 15 years. He helped the Open Source Initiative to celebrate the "20th Anniversary of Open Source" by organizing 100 activities across 40 major open source events worldwide.
Apache httpd and TLS/SSL certificates validation
Jean-Frederic Clere
We will look to 2 different things here, validation of the server certificate and validation of the client certificates. For the server certificate we will show Let's encrypt and mod_md and speak about the new ACMEv2 protocol and OCSP stapling. For the client certificates we look to OCSP and other validations. Demo and quick start example will provided during the tal
Jean-Frederic has spent more than 20 years writing client/server software. His knowledges range from Cobol to Java, BS2000 to Linux and /390 to i386 but with preference to the later ;). He is committer in Httpd and Tomcat and he likes complex projects where different languages and machines are involved. Borne in France, Jean-Frederic lived in Barcelona (Spain) for 14 years. Since May 2006 he lives in Neuchatel (Switzerland) where he works for RedHat in the JBoss division on Tomcat, httpd and cloud/cluster related topics.
Thursday 17:35 UTCGraphQL in Apache Sling - but isn't it the opposite of REST?
Bertrand Delacretaz
GraphQL is often presented as the opposite of REST, but how could a query language be the opposite of an architectural style? Opposing technologies and tools is rarely productive, and although Sling is firmly based on REST principles, it makes absolute sense to take advantage of GraphQL's rich query language and "one request does it all" interaction model in Sling. In this talk we'll present a GraphQL scripting engine for Sling, which enables GraphQL queries either "hidden" on the server side, for more control, or provided by the clients in the more traditional way to provide the full flexibility of the query language. Generating GraphQL schemas dynamically, based on Sling Resource Types, Sling Models and scripted schemas, provides a lot of flexibility in mapping Sling content to the outside world and makes the query subsystem modular and flexible. This talk will will help you make the best use of this new and exciting query language, without compromising on the principles of adaptable and discoverable Web applications.
Bertrand Delacretaz works as a Principal Scientist for Adobe in Basel, Switzerland. He's involved in software design and development for Adobe Experience Cloud products, which use many open source modules, mostly from Apache projects to which his teams contribute extensively. Bertrand is a currently (2020-2021) on his eleventh term on the Apache Software Foundation's Board of Directors and has been active in the Foundation for about 20 years.
Thursday 18:15 UTCApache Web Server Security Hardening
Andrew Carr
In my 2017 presentation I discussed hardening Apache Web server with Apache Tomcat behind it. There was a lot of interest in hardening Apache and recommendations. We will review possible exploits and how proper mitigation can prevent breaches. Apache has security holes, especially in older versions. While upgrading fixes a lot of problems, there will always be exploits. We want to demonstrate a system that is reliable and robust, with the least amount of information exposed to the public. Additionally, there will be a review of some standard configurations you can build from to protect your environment
About: Andrew has been working in the I.T. industry since 1996 developing hardware, network and software solutions to suit business needs and requirements. Leveraging open source software, he has implemented enterprise software solutions for a number of large corporations while delivering training to staff, both entry-level and expert. Currently, Andrew works as a Consulting Enterprise Architect at Perforce.
Thursday 18:55 UTCHardware-protected Keys for TLS: the httpd Angle
Sander Temme
Using hardware-protected cryptographic modules (Hardware Security Modules or HSMs) is a requirement in many applications for governments, banking and financial environments, and others. This session will discuss these requirements, provide an update on how the Apache HTTP Server's mod_ssl integrate with HSMs, and demonstrate how to configure httpd to use hardware-based keys for TLS.
A long time contributor to the Apache HTTP Server, in his copious spare time Sander Temme is the product manager at nCipher Security, an Entrust Datacard company, for the nShield as a Service Cloud-accesslble Hardware Security Modules.