From 3fcf7bffc5129d162051280618cd9779b019e4a4 Mon Sep 17 00:00:00 2001
From: Bill Niblock <bill_niblock@yahoo.com>
Date: Thu, 21 May 2015 15:12:39 -0400
Subject: [PATCH] Update CSS to switch H2 and H3. Add draft for TLS part 2

---
 _drafts/TLS_Writeup2.txt          | 62 +++++++++++++++++++++++++++++++
 _posts/2015-05-06-TLS-Part-1.html |  8 ++--
 src/styles.css                    |  4 +-
 3 files changed, 67 insertions(+), 7 deletions(-)
 create mode 100644 _drafts/TLS_Writeup2.txt

diff --git a/_drafts/TLS_Writeup2.txt b/_drafts/TLS_Writeup2.txt
new file mode 100644
index 0000000..bca1e4d
--- /dev/null
+++ b/_drafts/TLS_Writeup2.txt
@@ -0,0 +1,62 @@
+TLS: An examination into the Security of the Internet, Part 2
+
+In Part 1, I went over how a connection is established with TLS. In this part, I
+want to examine the more involved details of TLS itself. Namely, I want to
+examine certificates, cipher suites, and public key authentication.
+
+Certificates
+A certificate is a vessel for a server to provide authentication informat
+
+Cipher Suites
+A cipher is the algorithm used to encrypt the information to be transmitted.
+
+Public-Key Authentication
+Big topic, very important
+
+
+
+============================
+Sources
+     [1] https://en.wikipedia.org/wiki/Public-key_cryptography
+     [2]
+     https://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w
+     [3]
+     https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work
+
+============================
+Notes
+Asymmetric Key Authentication:
+     - Relies on two keys: Public key, Private key
+     - Both keys are related, but impossible (computationally infeasable) to
+       identify the private key based on the public key [1][2]
+     - The public key can be distributed publicly
+          - Used to encrypt message to the owner of the private paired key
+          - Used to verify signatures from the private key
+     - The private key is kept secret
+          - Used to decrypt message from the public paired key
+          - Used to as a digital signature
+
+Basics of an Asymmetric Key handshake:
+     1. Client reaches out to server, requesting a secure connection
+     2. Server acknowledges request, sends back it's public key
+          - This is commonly known as a certificate. Often signed by a
+            third-party to ensure it is what it's supposed to be.
+     3. Client uses this public key to encrypt a secret, and sends the package
+     back to the server.
+     4. The server then uses it's private key to decrypt the public-key
+     encrypted secret, and uses that secret hence forth to encrypt all traffic.
+     5. A private connection is now established.
+
+Basics of Certificates
+     1. A certificate is a vessel for a server to provide authentication
+     information.
+     2. Typically a certificate will contain the following information:
+          - A UUID of the certificate itself
+          - The subject of the certificate
+          - The signature, and signature algorithm used
+          - The issuer of the certificate, as well as dates when it is valid
+          - The purpose of the key
+          - The thumbprint, and algorithm, used to hash the key
+          - The public key itself
+     3. Certificate Authorities act as a third part to verify the integrity of
+     public keys. 
diff --git a/_posts/2015-05-06-TLS-Part-1.html b/_posts/2015-05-06-TLS-Part-1.html
index 8c64cf2..0b631d6 100644
--- a/_posts/2015-05-06-TLS-Part-1.html
+++ b/_posts/2015-05-06-TLS-Part-1.html
@@ -86,11 +86,9 @@
      established thanks to TLS/SSL, and reliability is previously established
      thanks to TCP.</p>
      
-     <p>In Part 2, I'll dive more into the TLS handshake, what certificates are
-     and how they play a role. Finally, in Part 3, I'll examine the importance
-     of secure ciphersuites for keys, and delve a bit deeper into why public-key
-     authentication is so damn cool.</p>
-     
+     <p>Part 2 focuses more on the specifics of TLS:  certificates, cipher
+     suites, and public key authentication.</p>
+
      <h3>Sources</h3>
      <ol>
           <li><a href="https://en.wikipedia.org/wiki/Public-key_cryptography">
diff --git a/src/styles.css b/src/styles.css
index f20267b..abb351c 100644
--- a/src/styles.css
+++ b/src/styles.css
@@ -192,7 +192,7 @@ article h1::first-letter {
 }
 
 article h2 {
-     text-align: right;
+     text-align: left;
      padding: 10px;
      border-bottom: 1px solid darkgrey;
      font: 1.0em "Lucida Sans Unicode", "Lucida Grande", sans-serif;
@@ -200,7 +200,7 @@ article h2 {
 }
 
 article h3 {
-     text-align: left;
+     text-align: right;
      padding: 10px;
      border-bottom: 1px solid darkgrey;
      font: 1.0em "Lucida Sans Unicode", "Lucida Grande", sans-serif;