From a7c0b04817a731a025f5e80af586b9a1b5f76e2a Mon Sep 17 00:00:00 2001 From: Bill Niblock Date: Mon, 4 May 2015 17:27:31 -0400 Subject: [PATCH] Update draft of TLS writeup. Publish Philosophy of Bill, part 1. --- _drafts/TLS_Writeup.txt | 78 ++++++++------- _drafts/Worldview.html | 13 --- _posts/2015-05-04-Philosophy-of-Bill-1.html | 102 ++++++++++++++++++++ 3 files changed, 140 insertions(+), 53 deletions(-) delete mode 100644 _drafts/Worldview.html create mode 100644 _posts/2015-05-04-Philosophy-of-Bill-1.html diff --git a/_drafts/TLS_Writeup.txt b/_drafts/TLS_Writeup.txt index c5b5225..9297f77 100644 --- a/_drafts/TLS_Writeup.txt +++ b/_drafts/TLS_Writeup.txt @@ -1,45 +1,5 @@ -TLS - Transport-Layer Security - -Asymmetric Key Authentication: - - Relies on two keys: Public key, Private key - - Both keys are related, but impossible (computationally infeasable) to - identify the private key based on the public key [1][2] - - The public key can be distributed publicly - - Used to encrypt message to the owner of the private paired key - - Used to verify signatures from the private key - - The private key is kept secret - - Used to decrypt message from the public paired key - - Used to as a digital signature - -Basics of an Asymmetric Key handshake: - 1. Client reaches out to server, requesting a secure connection - 2. Server acknowledges request, sends back it's public key - - This is commonly known as a certificate. Often signed by a - third-party to ensure it is what it's supposed to be. - 3. Client uses this public key to encrypt a secret, and sends the package - back to the server. - 4. The server then uses it's private key to decrypt the public-key - encrypted secret, and uses that secret hence forth to encrypt all traffic. - 5. A private connection is now established. - -Basics of Certificates - 1. A certificate is a vessel for a server to provide authentication - information. - 2. Typically a certificate will contain the following information: - - A UUID of the certificate itself - - The subject of the certificate - - The signature, and signature algorithm used - - The issuer of the certificate, as well as dates when it is valid - - The purpose of the key - - The thumbprint, and algorithm, used to hash the key - - The public key itself - 3. Certificate Authorities act as a third part to verify the integrity of - public keys. - -============================ TLS: An examination into the Security of the Internet, Part 1 - TLS, more often referred to as SSL, is the means by which a secure connection is established over a computer network. Most often these connections are established over the Internet, between a client (ex., web browser) and a server @@ -130,3 +90,41 @@ Sources https://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w [3] https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work + +============================ +Notes +Asymmetric Key Authentication: + - Relies on two keys: Public key, Private key + - Both keys are related, but impossible (computationally infeasable) to + identify the private key based on the public key [1][2] + - The public key can be distributed publicly + - Used to encrypt message to the owner of the private paired key + - Used to verify signatures from the private key + - The private key is kept secret + - Used to decrypt message from the public paired key + - Used to as a digital signature + +Basics of an Asymmetric Key handshake: + 1. Client reaches out to server, requesting a secure connection + 2. Server acknowledges request, sends back it's public key + - This is commonly known as a certificate. Often signed by a + third-party to ensure it is what it's supposed to be. + 3. Client uses this public key to encrypt a secret, and sends the package + back to the server. + 4. The server then uses it's private key to decrypt the public-key + encrypted secret, and uses that secret hence forth to encrypt all traffic. + 5. A private connection is now established. + +Basics of Certificates + 1. A certificate is a vessel for a server to provide authentication + information. + 2. Typically a certificate will contain the following information: + - A UUID of the certificate itself + - The subject of the certificate + - The signature, and signature algorithm used + - The issuer of the certificate, as well as dates when it is valid + - The purpose of the key + - The thumbprint, and algorithm, used to hash the key + - The public key itself + 3. Certificate Authorities act as a third part to verify the integrity of + public keys. diff --git a/_drafts/Worldview.html b/_drafts/Worldview.html deleted file mode 100644 index f1b8f5e..0000000 --- a/_drafts/Worldview.html +++ /dev/null @@ -1,13 +0,0 @@ ---- - layout: default - tabtitle: Bye Bye Dropbox - tags: philosophy ---- - -
-

Perception And Thought

- -

I consider myself a very philosophical person. - - -

diff --git a/_posts/2015-05-04-Philosophy-of-Bill-1.html b/_posts/2015-05-04-Philosophy-of-Bill-1.html new file mode 100644 index 0000000..0b6793a --- /dev/null +++ b/_posts/2015-05-04-Philosophy-of-Bill-1.html @@ -0,0 +1,102 @@ +--- + layout: default + tabtitle: Philosophy of Bill, Abbreviated + tags: philosophy +--- + +
+

Perception And Thought

+ +

I consider myself a very philosophical person. That doesn't mean I'm any + good at philosophy, I just tend to think a lot about ethics, morality, and + happiness. Recently I've been thinking more about my worldview, what I + value as important, and how I achieve happiness in my daily life. I wanted + to jot down what I feel is a brief examination of my basic tenants; the + basic Philosophy of Bill.

+ +

I derive a lot of my philosophy from my Christian up-bringing and + Stoicism. I'm not a very religious person, though. I never really was. My + belief of what God is falls strongly under the agnostic category: I'm not + sure what God is, or if I believe in a God, but I do believe in a higher + power of some sort. I feel it's logical to always assume there is something + more powerful than yourself, but I also feel it's impossible to prove this. + I like to define faith as simply irrational belief. I have faith in many + things, both permanent and temporary. I like faith, actually, quite a bit. + I admire those who have strong faith, so long as they maintain reason and + are not fanatical. I also try to maintain a very open approach to religion. + I believe everyone has the right to worship however they choose, so long as + it does not involve anything overly immoral, such as killing. I have a hard + time tolerating people who are overly zealous about their faith, or about + denouncing someone else's faith. Nothing is more disgusting than attacking + someone for their beliefs. They are called beliefs for a reason; they are + not fact, they are opinion. It's ineffective to attack opinions, because + they are ephemeral to begin with. Like trying to hit a ghost with a + lamp-post: it just won't do what you think it will.

+ +

I love debate and discussion, but there is a clear difference between + debate for truth and argument for winning. I try to keep in the first camp, + but I'm not super-human and I have an ego so I often visit the later. + However, I always learn when I make mistakes, and I cherish when I fail, + because it only serves to better myself. I think that's the most + fundamental under-lying theme of my philosophy: always better myself; + always learn something. That ego thing, though, that's a tough monster to + handle. I've found myself adopting views similar to Zen Buddism (I think) + often when trying to quell my ego:

+ +

+ +

I think most people hear this and grow disheartened or depressed, but I + view it as very uplifting. There's a certain freedom in knowning that, no + matter how much I fail, in the end it won't matter much. It's sobering to + remember that no matter how much I've achieved or won, in the end it won't + matter much. It's important to remember that I am nothing but an improbable + spec of matter floating on a rock in an unimaginably vast and empty space. + Too many people get caught up on that "in the end" part, though, and they + begin to question why they should act at all. Well, there's a bit of time + between now and "the end" and you need to fill the void with something. For + me, that's learning, and understanding, and appreciating.

+ +

In my studies, I've discovered and adopted Stoicism as a philosophy. I + won't explain too much what Stoicism is about, since there are many sources + online which do that. I apply Stoicism mostly in the mental aspects of the + philosophy, and less in the faith/religious aspects. From Stoicism, I have + reinforced my beliefs in the importance of understanding our environment. I + remind myself every day of things I cannot control, and that I can only + control my perception of things. I try to act according to logic and + wisdom, and not according to feelings, which can hamper reason. For + example, I try not to let anger control my actions if I get trolled by my + friend Nick. I understand that anger, love, stress, and all other feelings + are very much out of my control, but allowing them to control me is well + within my control. In other words, I very much get angry, or grow lustful, + or prideful, but I try not to let those feelings dictate my actions. I + believe it was Seneca the Younger who said, "Men are not angered by things, + but by their perceptions of them." One of many mantra I keep in + reserve.

+ +

The most important thing in my life, though, is not control but + happiness. I can seek to control my perceptions and emotions all I want, + but if it does not lead to happiness, it is a fruitless endeavor. I find + happiness most when I learn; when I understand a system. I'm an engineer at + heart, so I view the world as a system of systems (of systems, of + systems...) each of which is bare to understanding. I free myself from ego + and oppression so that I can learn without fear of failure or the + disapproval of my peers. I like to always remind myself that the only + person who truly cares about me, is me. That's not to say others don't care + about me, but they care about themselves first, and me afterwards. That's + how things are; it's not wrong or depressing or hurtful it's just the way + the system works. I care for many people, but I'm always number one on the + list.

+ +

While all this is well and good, philosophy is an ever changing system; + a CICD environment. I am constantly integrating new ideas and concepts into + my understanding of the world, and sometimes purging old or unnecessary + ones. I have my fair-share of quandries, perhaps more so than others; + perhaps it's an unfair-share. That's what makes it worth it, though, to me. + I seek to learn, and in doing so, find happiness and confusion. It's a + recursive system: the confusion leads to learning, which leads to happiness + and confusion. And I love recursion.

+