Search notes:

SSL/TLS

SSL and TLS provide authentication and encryption over insecure networks.
It is the basis for HTTPS
SSL is the predecessor of TLS.

History

SSL is called TLS since version 3. (SSL 1.0 -> SSL 2.0 -> SSL 3.0 -> TLS 1.0 -> TLS 1.1 -> TLS 1.2 -> TLS 1.3). TLS 1.0 is sometimes called SSL 3.1.
TLS 1.3 is specified in RFC 8446. Version 1.2 is specified in RFC 5246.
TLS 1.3 is not directly compatible with previous versions of TLS. However, clients and servers can negotiate a common version with which they want to communicate.

Goal/purpose of TLS

TLS allows two parties («endpoints») to create a secure channel in which data can be exchanged between them.
TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.
https://tools.ietf.org/html/rfc8446[RFC-4886]
The endpoint that initiates the connection is the client, the other one the server.
The three main properties of the channel are
Authentication The server is always authenticated, the client is optionally authenticated.
Confidentiality Data transmitted in the channel can only be read by the channel's endpoints.
Integrity Trying to modify transmitted data by a third party won't go unnoticed by the endpoint.

Handshake and record protocol

TLS consists of two main components/protocols:

Handshake

The handshake goes through three phases:
  • Key exchange (ClientHello message; after this phase, everything is encrypted)
  • Server parameters
  • Authentication
Client Server
ClientHello message
ServerHello message with SSL options
Certificate message with the public key of its own certificate
ServerHelloDone message
ClientKeyExchange message with session key that is encrypted with the server's public key
ChangeCipherSpec message to start using session key for hashing and encrypting messages
ClientFinished message
ServerFinished message

Key exchange modes

There are three basic key exchange modes in TLS:
PSK = Pre Shared Key

Relationship to SSH

Note to self: don't confuse SSL with SSH. Both allow to create a tunnel to exchange data in encrypted form with checked intergrity.
But SSL uses X.509 certificates while SSH uses their own format.

SSL certificate

Three types of certficates:
An SSL certificate is basically a text file with a digital signature: an authority signs the certficate with the authorities private key.
The SSL certificate contains
The certificate comes with a public/private key pair. This pair is used in the handshake phase: the client encrypts a symmetric key with the certificates public key.
An SSL certificate is trusted because it is either in a list of implicitly trusted certficates or it is trusted by one of the controllers of that list.
File suffixes for certificates seem to be:

See also

X.509
HTTPS
The registry keys
The .NET class System.Net.Security.SslStream.
/etc/ssl/certs
The .NET class System.Net.ServicePointManager
OpenSSL is the world’s most widely used implementation of the Transport Layer Security (TLS) protocol.
schannel.dll
The Apache Server configuration file apache/conf/extra/httpd-ssl.conf file which provides SSL support.
TLS 1.2 is part of the Web platform.

Links

Every byte of a TLS connection explained and reproduced: TLS 1.2 and TLS 1.3.

Index