Collaborate Disseminate
I noticed DNS requests to the domain: ctldl.windowsupdate.com.
Some report it as malicious but I think it a false-positive, and it is legitimately Microsoft. It is also mentioned in https://security.stackexchange.com/a/233376/72031 in rela… Continue reading Why does ctldl.windowsupdate.com not use (valid) TLS?
I’m aware that OpenVPN uses TLS but in OpenVPN’s case, it uses only the TLS handshake for authenticated key exchange, for the actual transport encryption it uses its own protocol and packet format. So I’m wondering if there are any VPN’s t… Continue reading Are there any true TLS-based VPNs? [closed]
While analyzing the handshake process in TLS 1.3 and comparing it to TLS 1.2, I began to wonder if the simplified handshake structure in TLS 1.3 introduces new vulnerabilities. This concern is particularly relevant in scenarios involving S… Continue reading Does the Simplified Handshake in TLS 1.3 Increase Susceptibility to SSL/TLS Flood Attacks?
My ultimate goal is to recreate a correct JA3 fingerprint for the latest version of Chrome (v131).
I have implemented most client extensions but am struggling with the "encrypted_client_hello" (ECH) extension.
More specifically, … Continue reading With ECH, what key is used to encrypt in Google Chrome when no public key is available for a host?
TLS handshake has each endpoint assume the role of either a client or a server. The client is the first one to initiate the connection by sending a Client Hello in which the server responds with a Server Hello. I’m wondering in a peer to p… Continue reading Simultaneous TLS handshake in peer to peer network [closed]
TLS handshake has each endpoint assume the role of either a client or a server. The client is the first one to initiate the connection by sending a Client Hello in which the server responds with a Server Hello. I’m wondering in a peer to p… Continue reading Simultaneous TLS handshake in peer to peer network [closed]
I happen to recall that CHACHA20 ciphers are not compliant with both NIST guidelines and FIPS/HIPAA standards. As used to be stated by htbridge.com SSL tests years ago. I just found similar information a similar note here and comments abou… Continue reading Why are CHACHA20 TLS ciphers not compliant with the NIST guidelines and FIPS/HIPAA standards?
I remember something offhand that back when SSL was being deployed worldwide (at around 2010) the big players like google would only deploy it on external interfaces, and internally services would still prefer the non encrypted communicati… Continue reading Was it true that google had used SSL only on external interfaces
I have a Raspberry Pi-based device running an ASP.NET Core API. Each user can set up their device’s IP address. I’m looking to implement authentication and authorization to enhance security.
To bolster security, I’m considering encrypting … Continue reading HTTPS and TLS for IoT devices
I have a niche website programmed by a volunteer. Like pretty much every website it’s secured via TLS, and the main page doesn’t let you do much except login via username & password or request an account. Some users recently requested … Continue reading How to allow a user to login via client X.509 certificate or username/password?