Wandering Thoughts archives

2018-12-08

Link: HTTPS in the real world

Robert Heaton's article HTTPS in the real world (via) is about the difference between HTTPS in theory, in the cryptographic world of Alice and Bob, and HTTPS in practice, in the messy real world where CAs cannot be fully trusted and people lose their keys and so on. To pick one little bit to quote:

[...] But the real world has still managed to piece together a very serviceable public-key cryptography system by patching over the holes and omissions and naivety of the introductory world with a tartan of secondary systems known collectively as “Public Key Infrastructure” (PKI).

The whole article is a clear, short, amusing, and interesting summary of the whole practical mess of HTTPS and TLS. Even though I'm pretty up on all of the issues it talks about, I still found it well worth reading.

HTTPSRealWorld written at 00:10:01; Add Comment


Page tools: See As Blogdir, See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.