[HN Gopher] The Illustrated TLS 1.3 Connection
___________________________________________________________________

The Illustrated TLS 1.3 Connection

Author : manchoz
Score : 202 points
Date : 2022-08-03 15:33 UTC (7 hours ago)

(HTM) web link (tls13.xargs.org)
(TXT) w3m dump (tls13.xargs.org)

| MrRadar wrote:
| As noted in the header, there are also versions of this for TLS
| 1.2, DTLS 1.3, and QUIC:
|
| https://tls12.xargs.org/
|
| https://dtls.xargs.org/
|
| https://quic.xargs.org/

| syncsynchalt wrote:
| I don't have it linked in the header but I'm also proud of
| https://curves.xargs.org, a visual explainer that (hopes to)
| give you an understanding of elliptic curve key exchange
| (ECDHE).

| smoldesu wrote:
| That's really slick, one of my favorite animated diagrams is
| the generic Fast Fourier Transform animation, and this
| definitely scratches that same itch. As someone who's
| horribly bad at math and visualizing this stuff, thank you!

| tialaramex wrote:
| Huh, it seems xargs.org is the new name for ulfheim.net?
| Presumably the author fancied a change? At first I thought this
| might be a hijack or a rip-off, but everything checks out.
|
| For what it's worth, I don't recommend name changes. Obviously
| live your own life, but changing your name is a lasting
| inconvenience (ask any married western woman who made the mistake
| of saying "Yeah I'll take his name") and the rewards seem very
| thin.

| syncsynchalt wrote:
| Yes, it's still my site. I mirror all old hostnames across both
| domains but new sites will only have the xargs hostname most
| likely.
|
| It bothered me that anyone wondering about the domain would
| likely do a search on the word and end up at the list of SPLC
| hate groups. My choice was to add a disclaimer to everything I
| publish or just change domain names. I went with the latter.

| jborean93 wrote:
| Thanks for making this wonderful resource. It's been
| invaluable for me to understand the protocol itself.
|
| I'm sorry to hear the original name was hijacked by a hate
| group and you had to go out of your way to avoid such things.

| alfu wrote:
| I thought of ulfheim too and it redirects to the new site.
|
| Author's reasoning:
|
| > A few years ago a hate group started using the "ulfheim" name
| for their own purposes. It's useless trying to reclaim a word,
| so I'm moving to the domain "http://xargs.org".
|
| https://twitter.com/xargsnotbombs/status/1538227164599812096...

| DethNinja wrote:
| Are there any corporate MITMs that can handle TLS 1.3 regardless
| of the client executable?
|
| It looks like TLS 1.3 will eliminate the capture of encrypted
| malware communications.
|
| I'm assuming that most of the corporations will ban use of TLS
| 1.3 which is somewhat problematic for the future of such a core
| protocol.

| mcny wrote:
| This has been argued to death. Previously, on HN:
|
| https://news.ycombinator.com/item?id=12641880
|
| > You're a bit late to the party. We're metaphorically speaking
| at the stage of emptying the ash trays and hunting for the not
| quite empty beer cans.
|
| > I agree, this isn't a low margin business either. We are
| talking about inferior security for all internet users for the
| sake of Wells Fargo's quarterly report.
|
| > most of the corporations will ban use of TLS 1.3
|
| literally one employee at one bank Wells Fargo said anything
| about it, after all was said and done.
|
| If the future of TLS depends on these idiots, we are all doomed
| anyway.

| [deleted]

| 1vuio0pswjnm7 wrote:
| This was submitted not too long ago. I really appreciate this
| approach, where he uses only UNIX utilities and C. There's no Perl,
| Python, Ruby, Go, etc. It is increasingly difficult to find
| "write ups" submitted to HN that do not use scripting languages,
| even though they aim to cover "systems level" topics. I find it
| easier to dissect one like this than one that uses some scripting
| language with third party libraries. Not to mention I would
| rather learn more about the substratum, i.e., the use of UNIX
| utilities and C, than about how to use (non-shell) scripting
| languages for "low level" tasks that can otherwise be done using
| small, independent programs and pipes.
___________________________________________________________________
(page generated 2022-08-03 23:00 UTC)