O.k. this is going to be long tweet thread, but I promise it's worth it :) ... as long as you're into distributed systems, and network encryption, but then WHO ISN"T INTO DISTRIBUTED SYSTEMS AND NETWORK ENCRYPTION? Lame people, that's who ...
Definitely NOT A STUPID QUESTION :) There's a lot of keys floating around so it's confusing. I'll do my best be breaking down the 3 main session types ...
-
-
O.k., a "normal" session: 1. Client says hello, and includes a Diffie-Hellman keyshare 2. Server says hello back, with its own DH keyshare, signed by its RSA key. 3. Through the magic of DIFFIE and HELLMAN and MERKLE, the client and server derive an ephemeral conversation key.
-
A "resumed" session is the same, but there's no RSA. Instead the server/client stashed away a resumption key. The client shows up and says "I HAVE THIS, CAN I USE IT?" and if the server agrees, it uses that key to authenticate itself. No RSA means it's faster, but we keep DH.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.