Tom's wiki

TLS

Transport Layer Security. Previously known as SSL (Secure Sockets Layer).

Goals:

• Privacy: a connection is encrypted, so no one can eavesdrop on it.
• Integrity: a connection is encrypted, so it is protected from MITM attacks.
• Identification: digital certificates prove the identity of a server, so no attacker can impersonate it.

The main use is HTTPS. See also https://howhttps.works.

Handshake

1. Client hello. The client sends a list of TLS versions it supports.
2. Server hello. The server chooses the best option based on its preferences and replies with its certificate (which includes its public key).
3. Client key exchange. The client verifies the server's certificate, generates a pre-master key, encrypts it with the server's public key and sends it to the server.
4. Change cipher spec. The server decrypts the pre-master key using its private key. Both the client and the server generate the same shared secret that they then use as a symmetric key.
5. Now the rest of the connection is encrypted with the symmetric key.

See https://tls12.xargs.org for a detailed example.

Certificate authority (CA)

A trusted organization that issues and signs digital certificates.

Let's Encrypt is a nonprofit CA that issues domain-validated certificates at no charge.

Digital certificate

An electronic document that proves the identity of the owner of a public key. It contains the public key itself, information about the owner, and the signature of the CA that signed it.

A client (e.g. a web browser) verifies the identity of a server by checking the signature of its certificate: it must be signed by a CA that the client trusts. Usually, client software include pre-installed certificates of trusted CAs.

The most common digital certificate format is X.509.

By purpose:

• Root: a self-signed certificate that starts a chain of trust
• Intermediate: a certificate used only to sign other certificates
• Leaf: a certificate that cannot sign other certificates

By validation level:

• Domain validation (DV): the control of a domain
• Organization validation (OV): DV + the existence of an organization as a legal entity
• Extended validation (EV): OV + manual verification by a CA

ACME

Automated Certificate Management Environment. A challenge-response protocol used to automate certificate issuance and renewal. The protocol describes the communication between an ACME client (runs on a server that requests a certificate) and an ACME server (runs at a CA).

The certbot ACME client is recommended by Let's Encrypt.