SSL/TLS: The Definitive Guide to Secure Communication
SSL/TLS Certificates: Everything About the Internet's ID Card and Encryption (Complete Guide)
From Netscape SSL to TLS 1.3. Symmetric vs Asymmetric encryption, Handshake deep dive (RTT reduction), Chain of Trust, and why 'Self-Signed' is dangerous.
codemapo
INTERDISCIPLINARY DEV · SEOUL
12. Glossary
SSL (Secure Sockets Layer): Original protocol by Netscape. Now deprecated.
TLS (Transport Layer Security): Modern standard. Versions 1.2 and 1.3 are current.
CA (Certificate Authority): Entity that issues and vouches for certificates.
Root Certificate: Top of the trust chain. Pre-installed in OS/browsers.
Chain of Trust: Verification path from site cert → intermediate CA → root CA.
Symmetric Encryption: Same key for encrypt/decrypt. Fast (AES).
Asymmetric Encryption: Public/private key pair. Secure but slow (RSA, ECC).
Handshake: Initial negotiation to agree on keys and algorithms.
Cipher Suite: Set of algorithms for key exchange, encryption, and hashing.
RTT (Round Trip Time): Time for a packet to travel to destination and back.
Session Key: Temporary symmetric key created during handshake.
Self-Signed Certificate: Certificate signed by itself, not a CA. Triggers browser warnings.
PKI (Public Key Infrastructure): Ecosystem of certificates, CAs, and policies.
HSTS (HTTP Strict Transport Security): Header forcing browsers to use HTTPS only.
MITM (Man-In-The-Middle): Attack in which an attacker intercepts communication between two parties.
Forward Secrecy (PFS): Ensures past sessions can't be decrypted if private key is later stolen.
OCSP Stapling: Server provides certificate validity proof to client.
mkcert: Tool for creating locally-trusted dev certificates.
Mixed Content: Security warning when HTTPS page loads HTTP resources.
Let's Encrypt: Free, automated CA. Works with certbot for easy cert management.