Update draft of TLS writeup. Publish Philosophy of Bill, part 1.
This commit is contained in:
Bill Niblock
parent
3eecbda301
commit
a7c0b04817
3 changed files with 140 additions and 53 deletions
|
|
@ -1,45 +1,5 @@
|
|||
TLS - Transport-Layer Security
|
||||
|
||||
Asymmetric Key Authentication:
|
||||
- Relies on two keys: Public key, Private key
|
||||
- Both keys are related, but impossible (computationally infeasable) to
|
||||
identify the private key based on the public key [1][2]
|
||||
- The public key can be distributed publicly
|
||||
- Used to encrypt message to the owner of the private paired key
|
||||
- Used to verify signatures from the private key
|
||||
- The private key is kept secret
|
||||
- Used to decrypt message from the public paired key
|
||||
- Used to as a digital signature
|
||||
|
||||
Basics of an Asymmetric Key handshake:
|
||||
1. Client reaches out to server, requesting a secure connection
|
||||
2. Server acknowledges request, sends back it's public key
|
||||
- This is commonly known as a certificate. Often signed by a
|
||||
third-party to ensure it is what it's supposed to be.
|
||||
3. Client uses this public key to encrypt a secret, and sends the package
|
||||
back to the server.
|
||||
4. The server then uses it's private key to decrypt the public-key
|
||||
encrypted secret, and uses that secret hence forth to encrypt all traffic.
|
||||
5. A private connection is now established.
|
||||
|
||||
Basics of Certificates
|
||||
1. A certificate is a vessel for a server to provide authentication
|
||||
information.
|
||||
2. Typically a certificate will contain the following information:
|
||||
- A UUID of the certificate itself
|
||||
- The subject of the certificate
|
||||
- The signature, and signature algorithm used
|
||||
- The issuer of the certificate, as well as dates when it is valid
|
||||
- The purpose of the key
|
||||
- The thumbprint, and algorithm, used to hash the key
|
||||
- The public key itself
|
||||
3. Certificate Authorities act as a third part to verify the integrity of
|
||||
public keys.
|
||||
|
||||
============================
|
||||
TLS: An examination into the Security of the Internet, Part 1
|
||||
|
||||
|
||||
TLS, more often referred to as SSL, is the means by which a secure connection is
|
||||
established over a computer network. Most often these connections are
|
||||
established over the Internet, between a client (ex., web browser) and a server
|
||||
|
|
@ -130,3 +90,41 @@ Sources
|
|||
https://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w
|
||||
[3]
|
||||
https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work
|
||||
|
||||
============================
|
||||
Notes
|
||||
Asymmetric Key Authentication:
|
||||
- Relies on two keys: Public key, Private key
|
||||
- Both keys are related, but impossible (computationally infeasable) to
|
||||
identify the private key based on the public key [1][2]
|
||||
- The public key can be distributed publicly
|
||||
- Used to encrypt message to the owner of the private paired key
|
||||
- Used to verify signatures from the private key
|
||||
- The private key is kept secret
|
||||
- Used to decrypt message from the public paired key
|
||||
- Used to as a digital signature
|
||||
|
||||
Basics of an Asymmetric Key handshake:
|
||||
1. Client reaches out to server, requesting a secure connection
|
||||
2. Server acknowledges request, sends back it's public key
|
||||
- This is commonly known as a certificate. Often signed by a
|
||||
third-party to ensure it is what it's supposed to be.
|
||||
3. Client uses this public key to encrypt a secret, and sends the package
|
||||
back to the server.
|
||||
4. The server then uses it's private key to decrypt the public-key
|
||||
encrypted secret, and uses that secret hence forth to encrypt all traffic.
|
||||
5. A private connection is now established.
|
||||
|
||||
Basics of Certificates
|
||||
1. A certificate is a vessel for a server to provide authentication
|
||||
information.
|
||||
2. Typically a certificate will contain the following information:
|
||||
- A UUID of the certificate itself
|
||||
- The subject of the certificate
|
||||
- The signature, and signature algorithm used
|
||||
- The issuer of the certificate, as well as dates when it is valid
|
||||
- The purpose of the key
|
||||
- The thumbprint, and algorithm, used to hash the key
|
||||
- The public key itself
|
||||
3. Certificate Authorities act as a third part to verify the integrity of
|
||||
public keys.
|
||||
|
|
|
|||
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
layout: default
|
||||
tabtitle: Bye Bye Dropbox
|
||||
tags: philosophy
|
||||
---
|
||||
|
||||
<article>
|
||||
<h1>Perception And Thought</h1>
|
||||
|
||||
<p>I consider myself a very philosophical person.
|
||||
|
||||
|
||||
</article>
|
||||
102
_posts/2015-05-04-Philosophy-of-Bill-1.html
Normal file
102
_posts/2015-05-04-Philosophy-of-Bill-1.html
Normal file
|
|
@ -0,0 +1,102 @@
|
|||
---
|
||||
layout: default
|
||||
tabtitle: Philosophy of Bill, Abbreviated
|
||||
tags: philosophy
|
||||
---
|
||||
|
||||
<article>
|
||||
<h1>Perception And Thought</h1>
|
||||
|
||||
<p>I consider myself a very philosophical person. That doesn't mean I'm any
|
||||
good at philosophy, I just tend to think a lot about ethics, morality, and
|
||||
happiness. Recently I've been thinking more about my worldview, what I
|
||||
value as important, and how I achieve happiness in my daily life. I wanted
|
||||
to jot down what I feel is a brief examination of my basic tenants; the
|
||||
basic Philosophy of Bill.</p>
|
||||
|
||||
<p>I derive a lot of my philosophy from my Christian up-bringing and
|
||||
Stoicism. I'm not a very religious person, though. I never really was. My
|
||||
belief of what God is falls strongly under the agnostic category: I'm not
|
||||
sure what God is, or if I believe in a God, but I do believe in a higher
|
||||
power of some sort. I feel it's logical to always assume there is something
|
||||
more powerful than yourself, but I also feel it's impossible to prove this.
|
||||
I like to define faith as simply irrational belief. I have faith in many
|
||||
things, both permanent and temporary. I like faith, actually, quite a bit.
|
||||
I admire those who have strong faith, so long as they maintain reason and
|
||||
are not fanatical. I also try to maintain a very open approach to religion.
|
||||
I believe everyone has the right to worship however they choose, so long as
|
||||
it does not involve anything overly immoral, such as killing. I have a hard
|
||||
time tolerating people who are overly zealous about their faith, or about
|
||||
denouncing someone else's faith. Nothing is more disgusting than attacking
|
||||
someone for their beliefs. They are called beliefs for a reason; they are
|
||||
not fact, they are opinion. It's ineffective to attack opinions, because
|
||||
they are ephemeral to begin with. Like trying to hit a ghost with a
|
||||
lamp-post: it just won't do what you think it will.</p>
|
||||
|
||||
<p>I love debate and discussion, but there is a clear difference between
|
||||
debate for truth and argument for winning. I try to keep in the first camp,
|
||||
but I'm not super-human and I have an ego so I often visit the later.
|
||||
However, I always learn when I make mistakes, and I cherish when I fail,
|
||||
because it only serves to better myself. I think that's the most
|
||||
fundamental under-lying theme of my philosophy: always better myself;
|
||||
always learn something. That ego thing, though, that's a tough monster to
|
||||
handle. I've found myself adopting views similar to Zen Buddism (I think)
|
||||
often when trying to quell my ego:</p>
|
||||
|
||||
<p><ul>
|
||||
<li> All will return to nothingness.</li>
|
||||
<li> Ergo, what I do will be inconsequential.</li>
|
||||
<li> Ergo, I am inconsequential.</li>
|
||||
</ul></p>
|
||||
|
||||
<p>I think most people hear this and grow disheartened or depressed, but I
|
||||
view it as very uplifting. There's a certain freedom in knowning that, no
|
||||
matter how much I fail, in the end it won't matter much. It's sobering to
|
||||
remember that no matter how much I've achieved or won, in the end it won't
|
||||
matter much. It's important to remember that I am nothing but an improbable
|
||||
spec of matter floating on a rock in an unimaginably vast and empty space.
|
||||
Too many people get caught up on that "in the end" part, though, and they
|
||||
begin to question why they should act at all. Well, there's a bit of time
|
||||
between now and "the end" and you need to fill the void with something. For
|
||||
me, that's learning, and understanding, and appreciating.</p>
|
||||
|
||||
<p>In my studies, I've discovered and adopted Stoicism as a philosophy. I
|
||||
won't explain too much what Stoicism is about, since there are many sources
|
||||
online which do that. I apply Stoicism mostly in the mental aspects of the
|
||||
philosophy, and less in the faith/religious aspects. From Stoicism, I have
|
||||
reinforced my beliefs in the importance of understanding our environment. I
|
||||
remind myself every day of things I cannot control, and that I can only
|
||||
control my perception of things. I try to act according to logic and
|
||||
wisdom, and not according to feelings, which can hamper reason. For
|
||||
example, I try not to let anger control my actions if I get trolled by my
|
||||
friend Nick. I understand that anger, love, stress, and all other feelings
|
||||
are very much out of my control, but allowing them to control me is well
|
||||
within my control. In other words, I very much get angry, or grow lustful,
|
||||
or prideful, but I try not to let those feelings dictate my actions. I
|
||||
believe it was Seneca the Younger who said, "Men are not angered by things,
|
||||
but by their perceptions of them." One of many mantra I keep in
|
||||
reserve.</p>
|
||||
|
||||
<p>The most important thing in my life, though, is not control but
|
||||
happiness. I can seek to control my perceptions and emotions all I want,
|
||||
but if it does not lead to happiness, it is a fruitless endeavor. I find
|
||||
happiness most when I learn; when I understand a system. I'm an engineer at
|
||||
heart, so I view the world as a system of systems (of systems, of
|
||||
systems...) each of which is bare to understanding. I free myself from ego
|
||||
and oppression so that I can learn without fear of failure or the
|
||||
disapproval of my peers. I like to always remind myself that the only
|
||||
person who truly cares about me, is me. That's not to say others don't care
|
||||
about me, but they care about themselves first, and me afterwards. That's
|
||||
how things are; it's not wrong or depressing or hurtful it's just the way
|
||||
the system works. I care for many people, but I'm always number one on the
|
||||
list.</p>
|
||||
|
||||
<p>While all this is well and good, philosophy is an ever changing system;
|
||||
a CICD environment. I am constantly integrating new ideas and concepts into
|
||||
my understanding of the world, and sometimes purging old or unnecessary
|
||||
ones. I have my fair-share of quandries, perhaps more so than others;
|
||||
perhaps it's an unfair-share. That's what makes it worth it, though, to me.
|
||||
I seek to learn, and in doing so, find happiness and confusion. It's a
|
||||
recursive system: the confusion leads to learning, which leads to happiness
|
||||
and confusion. And I love recursion.</p>
|
||||
</article>
|
||||
Loading…
Reference in a new issue