Ideas:

• SSL, TLS, what's in a name?
• versions and problems
• MitM
• client certificates
• how do handshakes work
• TLS1.3, what is new
• certificate chains & signing
• certificate pinning
• HSTS
• certificate preloading

SSL/TLS what's in a name?

SSL was originally developed by Netscape as a way to protect communications between browsers and web servers.

Then the browser wars started... No way other browser makers were going to using something that was branded by Netscape.

SSL was from 1999(!) on developed further with the name TLS.

SSL/TLS versions

Protocol Published Status SSL 1.0 Unpublished Unpublished SSL 2.0 1995 Deprecated in 2011 (RFC 6176) SSL 3.0 1996 Deprecated in 2015 (RFC 7568) TLS 1.0 1999 Deprecation planned in 2020[11] TLS 1.1 2006 Deprecation planned in 2020[11] TLS 1.2 2008 TLS 1.3 2018

The reason for all deprecations has been security vulnerabilities in the protocols. We really, really should stop using those versions.

Why SSL/TLS?

SSL/TLS historically has two main purposes:

• Protecting traffic using encryption. Both its confidentiality as its integrity.
• Identifying the other side. This was what the lock in the browser URL bar used to be for, until it didn't make sense anymore.

Now, on a network you know and control completely there is no need for something like SSL/TLS. TCP can detect broken packets perfectly fine, so integrity is taken care of. There is noone snooping, because you are in control of the network and you already know what systems you are talking to: your own.

The internet is not such a network.

• Snooping can easily be done by any network operator using listener ports on network equipment.
• Traffic can be changed or diverted using a so called Man in the Middle attack

MitM

A Man in the Middle attack is a situation where Alice wants to talk to Bob.

XXXX IMG

And Carol figures out a way to get in between.

XXXX IMG

This lets Carol decide which messages are exchanged.