TLS protocol

In most text, you will se TLS and SSL being used interchangeably. This is for historic reasons, but now SSL is obsolete and we should TLS everywhere. For more history on SSL/TLS, see Feisty duck's timeline

TLS is in widespread use to encrypt underlying protocols like HTTP, SMTP, DNS and so on. It handles the key exchanges and the following encrypted data transmission.

Cloudflare has a blogpost about the mechanics of a TLS connection.

From a non-specialist point of view, keywords include

Certificates and CA authorities: This is foundational, and out-of-scope here. This is cryptographic keys and metadata that use to prove the identity of servers and services.
TLS versions: Takeaway os to use TLS1.3 where possible and at worst TLS1.2. All previous versions are obsolete.
Cipher suite: One of the key features of TLS1.3 is that old ciphers are not allowed anymore.

Rerefences

sectigostore on TLS1.3
sectigostore on certificates
SSL.com on certificate authorities
Feisty duck's newsletter is recommended reading.

SSL analysis

Install ssldump either in Kali or similar Linux box
Run it from the command line: ssldump -j -ANH -n -i any | jq .
Generate some HHTPS traffic, e.g. by browsing
Evaluate what is shown.
- How does ssl dump know the domain name? Could we turn that off?
- When handshaking, the certificate chain is shown. Should that not be secret?

Keys	Action
`?`	Open this help
`n`	Next page
`p`	Previous page
`s`	Search