TLS   6828

« earlier    

TCP is an underspecified two-node consensus algorithm and what that means for your proxies
"When people talk about TCP, it's easy to fall into the trap of thinking of it as a connection, with a bi-directional stream of bytes. That is the abstraction that TCP provides, but it's not what TCP is. TCP is an agreement between 2 nodes to run a simple consensus algorithm. The data that is agreed on is (roughly) how much of what I have sent have you seen and how much have I seen of what you've sent. Since there are only 2 nodes, the algorithm is much simpler than what you would see in Raft or Paxos, but like a lot of consensus algorithms, it's based on nodes agreeing on what the current highest number is. [...] Besides the streams being sent, there's another important bit of information: the state of the connection itself. Annoyingly, some of this information is not transmitted over the network. The state of the connection is based largely on heuristics of the individual TCP implementations and to make matters worse, we allow programs to change this behavior depending on the application protocol."
networking  tcp  tls  distributed 
yesterday by mechazoidal
router - Did I just get DNS Hijacked? - Information Security Stack Exchange
No, the person didn't get MITM'd on their DNS requests, but yes their router's DNS entry did get changed to a malicious server. This is a real thing happening to regular people, apparently. Thanks to TLS, it won't work if you don't click through the cert warning.
certificates  TLS  DNS  security  phishing 
5 days ago by jcretan
Why you probably shouldn't use a wildcard certificate
GitHub is where people build software. More than 27 million people use GitHub to discover, fork, and contribute to over 80 million projects.
tls  letsencrypt 
5 days ago by daniel.zappala
AlwaysOnSSL - Free SSL/TLS Certificates
AlwaysOnSSL is a free and automated CA
ssl  tls  certs 
8 days ago by euler

« earlier    

related tags

1.2  20  2010  a10  agl  analytics  apache  appliance  auth  authentication  autocert  awesome  aws  babel  bambora  barracuda  beanstream  blacklist  bluecoat  bluemix  breakandinspect  browser  bundle  ca  cert  certificate  certificates  certification  certs  cf  chat  cheatsheet  check  china  cisco  cli  cloudfront  commandline  commands  compromise  conversation  cool  create  crypto  cryptographic_protocols  cryptography  curl  cybersecurity  cylance  debug  devops  discussion  display  distributed  dns  elisp  emacs  enterprise  examples  exchange  fallacy  fortinet  free  gcloud  git  github  go  golang  gpg  guide  hack  haproxy  howto  http  http2  https  humor  import  infosec  ingress  instapaper  internal  internet  interview  intranet  javascript  kubernetes  letsencrypt  lifetime  lissu.  mitm  mitmproxy  mqtt  mutual  network  networking  notification  nsa  openpgp  openssh  openssl  opm  org  osx  overview  paid  paloalto  pgp  phishing  pinker  pkcs12  pki  pkix  politics  privacy  proxies  proxy  python  q  questions  reference  removal  requests  s3  sec  security  selfhosted  shell  slidedeck  smtp  software  spacemacs  ssh  ssl  steven  symantec  tangle  tanzania  tapioca  tcp  test  testing  threatconnect  tips  tls  tls1.3  tls13  to-read  todo  tool  tools  transparency  tricks  tutorial  twenty  video  view  visualstudio  vm  vscode  was  web  webserver  websphere  whitepaper  wildcard  x509 

Copy this bookmark: