Contribute Media
A thank you to everyone who makes this possible: Read More

Gentle introduction to TLS, PKI, and Python's ssl module


TLS is an ubiquitous protocol for secure communication. It's used in HTTPS, email (IMAP, POP3, SMTP), LDAP, FTP, and more. Some recent protocols like HTTP/2 are not defined for unencrypted channels. TLS offers more than just encryption with symmetric cryptography. It also ensures data integrity and strong authentication with the help of X.509 certificates and public key infrastructure (PKI).

Did you ever wonder what's the difference between SSL, TLS, and StartTLS? Or what is the meaning of cryptic terms and names like Server Name Indication, Subject Alternative Name, or TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384? What is perfect forward secrecy and why is it so important for privacy? Does HTTPS make my website slow? What is the difference between a root CA, intermediate CA and end-entity certificate? My talk explains how a client and a server establish a secure connection, why a certificate is required, and how TLS 1.3 has improved the handshake.

Some prior knowledge of cryptography and networking basics are helpful but not required to follow this talk.


Improve this page