O.k. this is going to be long tweet thread, but I promise it's worth it :) ... as long as you're into distributed systems, and network encryption, but then WHO ISN"T INTO DISTRIBUTED SYSTEMS AND NETWORK ENCRYPTION? Lame people, that's who ...
-
Show this thread
-
O.k., so here's the deal; TLS1.3 is coming, very very soon now, A SHINY NEW RFC, and we can BEHOLD ITS GREATNESS, because it is AWESOME. Even with all its flaws, it is AWESOME and BETTER than TLS1.2 and everything before.
1 reply 12 retweets 53 likesShow this thread -
TLS1.3 fixes a really dumb mistake that we made in prior versions. Basically it used to work like this ... Client: How're you doing Mr Server? Server: I'm good, here's my key so that we can talk Client: Oh yeah, here's my key, let's talk
1 reply 3 retweets 29 likesShow this thread -
TLS1.3 now does this: Client: How're you doing Mr Server? Btw, here's my key so that we can talk Server: I'm good, here's my key, let's talk Look at that, ONE WHOLE PIECE OF SMALLTALK SAVED. That's the biggest benefit, basically, it's faster.
2 replies 11 retweets 82 likesShow this thread -
The other benefit is that all means we get something called forward secrecy. WHAT IS FORWARD SECRECY? It just means that if someone is listening in to our encrypted conversation, they can't decrypt it later even if they break into the client or server and get their keys.
2 replies 6 retweets 36 likesShow this thread -
Replying to @colmmacc
Do you have a good high-level resource on implementing forward-secrecy algorithms? Everything I've found is either a handwavy "prevents decrypting future communications" or in-the-weeds implementation-specific.
1 reply 0 retweets 0 likes
Yes, use Noise :) https://noiseprotocol.org/
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.