O.k. this is going to be a long tweet thread, but I promise it's worth it :) ... as long as you're into distributed systems, and network encryption, but then WHO ISN'T INTO DISTRIBUTED SYSTEMS AND NETWORK ENCRYPTION? Lame people, that's who ...
O.k., so here's the deal; TLS1.3 is coming, very very soon now, A SHINY NEW RFC, and we can BEHOLD ITS GREATNESS, because it is AWESOME. Even with all its flaws, it is AWESOME and BETTER than TLS1.2 and everything before.
TLS1.3 fixes a really dumb mistake that we made in prior versions. Basically it used to work like this ...
Client: How're you doing Mr Server?
Server: I'm good, here's my key so that we can talk
Client: Oh yeah, here's my key, let's talk
TLS1.3 now does this:
Client: How're you doing Mr Server? Btw, here's my key so that we can talk
Server: I'm good, here's my key, let's talk
Look at that, ONE WHOLE PIECE OF SMALLTALK SAVED. That's the biggest benefit, basically, it's faster.
The other benefit is that all means we get something called forward secrecy. WHAT IS FORWARD SECRECY? It just means that if someone is listening in to our encrypted conversation, they can't decrypt it later even if they break into the client or server and get their keys.
That's because of DIFFIE and HELLMAN, and it is insane and magic and a cool use of math. Anyway it works. O.k., the next thing that TLS1.3 does though is something called 0-RTT and it looks like this ...
Client: Hey server, we've talked before, so I'm just going to talk again
Replying to @colmmacc
... and don't forget MERKLE! https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange#Name
Sorry, I missed the tree for the forest!