diff --git a/_drafts/TLS_Writeup2.txt b/_drafts/TLS_Writeup2.txt new file mode 100644 index 0000000..bca1e4d --- /dev/null +++ b/_drafts/TLS_Writeup2.txt 
@@ -0,0 +1,62 @@ +TLS: An examination into the Security of the Internet, Part 2 + +In Part 1, I went over how a connection is established with TLS. In this part, I +want to examine the more involved details of TLS itself. Namely, I want to +examine certificates, cipher suites, and public key authentication. + +Certificates +A certificate is a vessel for a server to provide authentication informat + +Cipher Suites +A cipher is the algorithm used to encrypt the information to be transmitted. + +Public-Key Authentication +Big topic, very important + + + +============================ +Sources + [1] https://en.wikipedia.org/wiki/Public-key_cryptography + [2] + https://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w + [3] + https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work + +============================ +Notes +Asymmetric Key Authentication: + - Relies on two keys: Public key, Private key + - Both keys are related, but impossible (computationally infeasable) to + identify the private key based on the public key [1][2] + - The public key can be distributed publicly + - Used to encrypt message to the owner of the private paired key + - Used to verify signatures from the private key + - The private key is kept secret + - Used to decrypt message from the public paired key + - Used to as a digital signature + +Basics of an Asymmetric Key handshake: + 1. Client reaches out to server, requesting a secure connection + 2. Server acknowledges request, sends back it's public key + - This is commonly known as a certificate. Often signed by a + third-party to ensure it is what it's supposed to be. + 3. Client uses this public key to encrypt a secret, and sends the package + back to the server. + 4. The server then uses it's private key to decrypt the public-key + encrypted secret, and uses that secret hence forth to encrypt all traffic. + 5. A private connection is now established. 
+ +Basics of Certificates + 1. A certificate is a vessel for a server to provide authentication + information. + 2. Typically a certificate will contain the following information: + - A UUID of the certificate itself + - The subject of the certificate + - The signature, and signature algorithm used + - The issuer of the certificate, as well as dates when it is valid + - The purpose of the key + - The thumbprint, and algorithm, used to hash the key + - The public key itself + 3. Certificate Authorities act as a third part to verify the integrity of + public keys. diff --git a/_posts/2015-05-06-TLS-Part-1.html b/_posts/2015-05-06-TLS-Part-1.html index 8c64cf2..0b631d6 100644 --- a/_posts/2015-05-06-TLS-Part-1.html +++ b/_posts/2015-05-06-TLS-Part-1.html @@ -86,11 +86,9 @@ established thanks to TLS/SSL, and reliability is previously established thanks to TCP.
-In Part 2, I'll dive more into the TLS handshake, what certificates are - and how they play a role. Finally, in Part 3, I'll examine the importance - of secure ciphersuites for keys, and delve a bit deeper into why public-key - authentication is so damn cool.
- +Part 2 focuses more on the specifics of TLS: certificates, cipher + suites, and public key authentication.
+
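Review bot: In the new file `_drafts/TLS_Writeup2.txt`, step 2 of "Basics of an Asymmetric Key handshake" treats the server's public key and its certificate as the same thing ("sends back it's public key - This is commonly known as a certificate"). That conflicts with the draft's own "Basics of Certificates" list, where the public key is one field next to the subject, issuer, validity dates and signature. Suggest "sends back its certificate, which contains its public key and is signed by a third party". In the same list, "A UUID of the certificate itself" should be the issuer-assigned serial number, and the thumbprint is a hash a client computes over the whole certificate, not a stored field or a hash of the key. Step 4 says the decrypted secret is used "hence forth to encrypt all traffic"; in TLS that secret is the input from which the session keys are derived, so it is worth saying so. The "Certificates" body line also stops mid-word at "authentication informat", and the notes have small typos to fix before this leaves drafts ("infeasable", "it's private key", "Used to as a digital signature", "third part").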
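Review bot: In `_posts/2015-05-06-TLS-Part-1.html`, the rewritten closing paragraph promises that Part 2 covers "certificates, cipher suites, and public key authentication" and drops the Part 3 mention, but the draft added in this same patch has one-line stubs for two of those sections ("Big topic, very important" under Public-Key Authentication). Since this file is an already published post, consider holding this teaser change until the draft sections are written, or keeping the Part 3 sentence if the material may still be split. The hunk also leaves a trailing blank added line after the new paragraph, which can be dropped.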