HTTPS (30 Jul 2013)

Now we know for sure that way too many countries mistook "1984" for a training manual, including Germany. It is about time to teach myself about security and cryptography.

Hartley Brody's "How HTTPS Secures Connections: What Every Web Dev Should Know" happened to float by on Hacker News (IIRC) the other day. For me, it was a great start to start exploring this wide field.

Key learnings:

  • Certificates are required to authenticate communication partners. In other words, make sure you are really talking to your bank and not to someone who enjoys spending spare time on building web sites which look surprisingly like your bank's big grin
  • Following authentication, a "common secret" is established which is henceforth used to encrypt communication contents. The magic sauce is the Diffie-Hellman-Merkle algorithm. Algorithms like this make it possible to exchange enough information in the open to establish this common secret.
  • For performance reasons, subsequent encrypted communication is symmetric.

Which pushes the following items on my reading/viewing list:



When asked for a TWiki account, use your own or the default TWikiGuest account.



to top

You are here: Blog > DefinePrivatePublic20130730Https

r1.8 - 26 Sep 2013 - 16:09 - ClausBrod to top

Blog
This site
RSS

  2017: 12 - 11 - 10
  2016: 10 - 7 - 3
  2015: 11 - 10 - 9 - 4 - 1
  2014: 5
  2013: 9 - 8 - 7 - 6 - 5
  2012: 2 - 10
  2011: 1 - 8 - 9 - 10 - 12
  2010: 11 - 10 - 9 - 4
  2009: 11 - 9 - 8 - 7 -
     6 - 5 - 4 - 3
  2008: 5 - 4 - 3 - 1
  2007: 12 - 8 - 7 - 6 -
     5 - 4 - 3 - 1
  2006: 4 - 3 - 2 - 1
  2005: 12 - 6 - 5 - 4
  2004: 12 - 11 - 10
  C++
  CoCreate Modeling
  COM & .NET
  Java
  Mac
  Lisp
  OpenSource
  Scripting
  Windows
  Stuff
Changes
Index
Search
Maintenance
Impressum
Datenschutzerklärung
Home



Jump:

Copyright © 1999-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback