Collaborate Disseminate
Regarding the TLS 1.3 Handshake Protocol:
When the Server sends it’s certificate, exactly how does the Client validate this?
I know at a high level the Client is verifying the data the Server sent matches what the Certificate Authority con… Continue reading What happens at a low level when authenticating server certificates?
I want approval for the Tool Suite PRO+ security software for Setup v8, or what do you know about this software?
I am trying to understand TLS authentication mechanisms.
So my basic understanding is:
Server has private key and TLS certificate(issued by some CA).
During TLS handshake, client asks server for certificate.
Server hands over certificate t… Continue reading TLS: how do we distribute root CA to clients? [duplicate]
I am migrating to Artifactory on RHEL8 as a Docker remote repository, i.e. Artifactory is a proxy for a docker registry hosted through Jfrog.io.
We have a legacy registry with config in /etc/docker/certs.d/. Another instance works fine wit… Continue reading docker daemon reports ‘tls: unconfigured cipher suite’ for Nginx reverse proxy of Artifactory Docker registry
I’ve been looking around for smart cards with support for Ed25519. More specifically, I’d like to have a TLS CA with the private key on a YubiKey. The latest YubiKey 5 supports secp256k1, secp384r1, and RSA 2048 in the PIV tool for storing… Continue reading Can I Use an OpenPGP Smart Card to Sign a TLS Certificate?
I’ve been following the guide:
https://www.comparitech.com/net-admin/decrypt-ssl-with-wireshark/
Using it for chrome and Safari on MacOS does not populate any keys in the file, Did browsers stop keys populating for security reasons or is i… Continue reading Decrypt SSL with Wireshark supported browsers
I’ve been battling with one school task for couple days and can’t seem to find any idea how to solve it. The task is pretty simple:
Log in to the server using SSH. The answer to the task is in encrypted network traffic, which you have the… Continue reading Decrypting network traffic and finding HTTPS private key
I’m setting up a client TLS CA for authenticating requests over the internet to an AWS API Gateway endpoint. It supports TLS 1.2 but not TLS 1.3, at least from what I can tell.
Is there a minimum version of TLS 1.2 for support of Ed25519 c… Continue reading What is the minimum TLS version for support of Ed25519 Keys?
My general understanding is that in server-only TLS, the connection establishment proceeds like so:
Client opens a TCP connection to the server, passing SNI and other data such as supported ciphers/etc.
Server sends back its certificate c… Continue reading How much data is signed during TLS handshakes?
My school (UK) recently sent out a message to all of us.
"In order to provide the best standard of online safety we are
improving the quality of internet filtering and monitoring on our
school network."
The new system requires i… Continue reading What is an HTTPS Interception Certificate and can schools monitor devices through it? [duplicate]