Collaborate Disseminate
It is possible to view the entire HTTPS session from start to end? Any command line I can run?
I am interested in understanding more about the exchange of the public key(s) in order to establish a secure connection between (for example) a … Continue reading View public key(s) exchange during https handshake from the command line
It is possible to view the entire HTTPS session from start to end? Any command line I can run?
I am interested in understanding more about the exchange of the public key(s) in order to establish a secure connection between (for example) a … Continue reading View public key(s) exchange during https handshake from the command line
For the consumer of the API to send and receive, encrypt and decrypt into that same API, wouldn’t the client consumer also have to have the same public and private key as the server that provides the API?
Let’s say the private key for the … Continue reading Asymmetric encryption in case of multiple parties
As you may know, Common Criteria (AKA ISO/IEC15408: A standard for IT Security Evaluation) have provided some security base-line documents named "Protection Profile" for software developers and product manufacturers. Developers a… Continue reading Does defining "a minimum path length" for certification validation have any security benefit?
I’m trying to understand the purpose of defining pathLenConstraint and max_path_length in RFC5280 (Internet X509 PKI Certificate and CRL Profile):
For pathLenConstraint The above mentioned RFC states:
The pathLenConstraint field is meanin… Continue reading What problem does "max_path_length" attribute in certificates are going to solve?
I’m trying to understand the purpose of defining self-issued certificate concept in RFC5280 (Internet X509 PKI Certificate and CRL Profile):
Regarding this concept the RFC states:
This specification covers two classes of certificates:
This is partially a follow-up to the these questions:
Is visiting HTTPS websites on a public hotspot secure?
Can free Wi-Fi hotspot providers snoop on HTTPS communications?
I understand of course there this exists other ways to compromise … Continue reading What mechanisms exist to detect compromised default certificate private signing keys?
Most internet communication is now end-end encrypted using TLS. In the TLS process, the TLS server sends a PKI certificate to the user which then gets authenticated using the CA’s root certificate that it has (I believe it’s stored in the … Continue reading Why installing a root certificate on the client opens a door for MitM attack?
Some years ago, I’ve found a web browser which I can’t remember the name. It had pretty impressive security standards. For example:
Symmetric encryption key (password) is mandatory for saving browsing session/history/browser configuration… Continue reading A web browser localy encrypted by default
I have a client side certificate from cloudflare (non-root) that i install on our devices in order to gain access to our sites that ask for a client side certificate from browsers. This works perfectly well on desktop browsers on linux, wi… Continue reading client side certificate installed on ios 16 are not being sent by browsers on that device when a server requests for a identity cert