Amazing, invisible work that goes on when you click an HTTPS link

Discuss

7 Responses to “Amazing, invisible work that goes on when you click an HTTPS link”

  1. Sanjaya Kumar says:

    Khan Academy has an amazing set of lectures that explain cryptography in a very lucid manner. I would recommend watching both Ancient Cryptography and Modern Cryptography. The Modern Cryptography set have a detailed explanation of how RSA works.

    http://www.khanacademy.org/math/applied-math

  2. Chesterfield says:

    ArtOfTheProblem have an excellent video showing how the Diffie-Hellman key excahange works using colors rather than numbers. The key exchange is the cornerstone of public key cryptography and it’s a fantastically elegant solution to the problem of figuring out how to share a secret when somebody may be listening in. Check it out at: http://www.youtube.com/watch?v=3QnD2c4Xovk

  3. richardmoove says:

    “multiply “M” by itself “e” times” describes M^e not Me.

  4. AnthonyC says:

    I think that quote block could do with a caret:
    C ≡ Me (mod n) –> C ≡ M^e (mod n)

  5. halfpress says:

    The first few milliseconds here are preceded by considerably more time spent tearing one’s hair out dealing with SSL certificates and their inherent ability to piss you off on SOOO many levels.

  6. Jim Bala says:

    The Host: header is what the web server (e.g., Apache) uses to allow multiple web sites on the same IP address. But, it’s of no use during the SSL/TLS setup since it isn’t sent or seen until after all that is done.

    SSL/TLS uses the CommonName and AltName attributes of the server certificate to inform the client (e.g., FireFox) which names are allowed. If you typed http://www.amazon.com into FireFox and ended up at someone else’s web server — say, due to DNS cache poisoning or a forgotten /etc/hosts override — and that server didn’t have a forged server cert, FireFox would not find http://www.amazon.com or *.amazon.com in the server certificate offered and the connection would end immediately to prevent man-in-the-middle attacks. FireFox would pop up a warning dialog wherein you could tell it to proceed anyway, if you aren’t intimidated by the scary warnings it displays.

Leave a Reply