Comments on: Amazing, invisible work that goes on when you click an HTTPS link http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html Brain candy for Happy Mutants Thu, 20 Jun 2013 12:37:00 +0000 hourly 1 http://wordpress.org/?v=3.4.1 By: Jim Bala http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1601695 Jim Bala Sat, 08 Dec 2012 06:12:00 +0000 http://boingboing.net/?p=198405#comment-1601695 The Host: header is what the web server (e.g., Apache) uses to allow multiple web sites on the same IP address. But, it's of no use during the SSL/TLS setup since it isn't sent or seen until after all that is done. SSL/TLS uses the CommonName and AltName attributes of the server certificate to inform the client (e.g., FireFox) which names are allowed. If you typed www.amazon.com into FireFox and ended up at someone else's web server -- say, due to DNS cache poisoning or a forgotten /etc/hosts override -- and that server didn't have a forged server cert, FireFox would not find www.amazon.com or *.amazon.com in the server certificate offered and the connection would end immediately to prevent man-in-the-middle attacks. FireFox would pop up a warning dialog wherein you could tell it to proceed anyway, if you aren't intimidated by the scary warnings it displays. The Host: header is what the web server (e.g., Apache) uses to allow multiple web sites on the same IP address. But, it’s of no use during the SSL/TLS setup since it isn’t sent or seen until after all that is done.

SSL/TLS uses the CommonName and AltName attributes of the server certificate to inform the client (e.g., FireFox) which names are allowed. If you typed http://www.amazon.com into FireFox and ended up at someone else’s web server — say, due to DNS cache poisoning or a forgotten /etc/hosts override — and that server didn’t have a forged server cert, FireFox would not find http://www.amazon.com or *.amazon.com in the server certificate offered and the connection would end immediately to prevent man-in-the-middle attacks. FireFox would pop up a warning dialog wherein you could tell it to proceed anyway, if you aren’t intimidated by the scary warnings it displays.

]]> By: mooldarby http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1601378 mooldarby Fri, 07 Dec 2012 22:11:00 +0000 http://boingboing.net/?p=198405#comment-1601378 Or better, M^(e + 1) Or better, M^(e + 1)

]]> By: halfpress http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1599695 halfpress Thu, 06 Dec 2012 00:52:00 +0000 http://boingboing.net/?p=198405#comment-1599695 The first few milliseconds here are preceded by considerably more time spent tearing one's hair out dealing with SSL certificates and their inherent ability to piss you off on SOOO many levels. The first few milliseconds here are preceded by considerably more time spent tearing one’s hair out dealing with SSL certificates and their inherent ability to piss you off on SOOO many levels.

]]> By: AnthonyC http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1599476 AnthonyC Wed, 05 Dec 2012 20:54:00 +0000 http://boingboing.net/?p=198405#comment-1599476 I think that quote block could do with a caret: C ≡ Me (mod n) --> C ≡ M^e (mod n) I think that quote block could do with a caret:
C ≡ Me (mod n) –> C ≡ M^e (mod n)

]]> By: richardmoove http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1599468 richardmoove Wed, 05 Dec 2012 20:47:00 +0000 http://boingboing.net/?p=198405#comment-1599468 "multiply "M" by itself "e" times" describes M^e not Me. “multiply “M” by itself “e” times” describes M^e not Me.

]]> By: Chesterfield http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1599460 Chesterfield Wed, 05 Dec 2012 20:37:00 +0000 http://boingboing.net/?p=198405#comment-1599460 ArtOfTheProblem have an excellent video showing how the Diffie-Hellman key excahange works using colors rather than numbers. The key exchange is the cornerstone of public key cryptography and it's a fantastically elegant solution to the problem of figuring out how to share a secret when somebody may be listening in. Check it out at: http://www.youtube.com/watch?v=3QnD2c4Xovk ArtOfTheProblem have an excellent video showing how the Diffie-Hellman key excahange works using colors rather than numbers. The key exchange is the cornerstone of public key cryptography and it’s a fantastically elegant solution to the problem of figuring out how to share a secret when somebody may be listening in. Check it out at: http://www.youtube.com/watch?v=3QnD2c4Xovk

]]> By: Sanjaya Kumar http://boingboing.net/2012/12/05/amazing-invisible-work-that-g.html#comment-1599433 Sanjaya Kumar Wed, 05 Dec 2012 20:21:00 +0000 http://boingboing.net/?p=198405#comment-1599433 Khan Academy has an amazing set of lectures that explain cryptography in a very lucid manner. I would recommend watching both Ancient Cryptography and Modern Cryptography. The Modern Cryptography set have a detailed explanation of how RSA works. http://www.khanacademy.org/math/applied-math Khan Academy has an amazing set of lectures that explain cryptography in a very lucid manner. I would recommend watching both Ancient Cryptography and Modern Cryptography. The Modern Cryptography set have a detailed explanation of how RSA works.

http://www.khanacademy.org/math/applied-math

]]>