bigger signing pictures
This commit is contained in:
Ward Wouts
parent
c424816f42
commit
d32087ec25
1 changed files with 6 additions and 4 deletions
10
index.html
10
index.html
|
|
@ -189,14 +189,15 @@ layout: false
|
|||
SSL/TLS historically has two main purposes:
|
||||
- Protecting traffic using encryption. Both its confidentiality as its integrity.
|
||||
- Identifying the other side. This was what the lock in the browser URL bar used to be for, until it didn't make sense anymore.
|
||||
|
||||
]
|
||||
???
|
||||
Now, on a network you know and control completely there is no need for something like SSL/TLS. TCP can detect broken packets perfectly fine, so integrity is taken care of. There is no one snooping, because you are in control of the network. No one else has access, and you already know what systems you are talking to: your own.
|
||||
|
||||
Such a network does not exist.
|
||||
|
||||
- Snooping can easily be done by any network operator using listener ports on network equipment.
|
||||
- Traffic can be changed or diverted using a so called Man in the Middle attack
|
||||
]
|
||||
|
||||
---
|
||||
template: inverse
|
||||
# Man in the Middle (MitM)
|
||||
|
|
@ -254,9 +255,10 @@ show certificate
|
|||
]
|
||||
.right-column[
|
||||
So, how does a certificate get signed?
|
||||
]
|
||||
|
||||
<img src="document-signing-process.png" width="100%" />
|
||||
]
|
||||
|
||||
???
|
||||
<!-- XXX picture -->
|
||||
Or how does this signing work:
|
||||
|
|
@ -270,9 +272,9 @@ Or how does this signing work:
|
|||
]
|
||||
.right-column[
|
||||
Now anyone can verify the signature:
|
||||
]
|
||||
|
||||
<img src="document-verify-signature.png" width="100%" />
|
||||
]
|
||||
???
|
||||
<!-- XXX picture -->
|
||||
Now anyone can verify the signature by:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue