Anti-Replay and Non-Repudiation

Key Players

TLS / SSL Versions - Part 1

TLS / SSL Versions - Part 2

Encryption

Public and Private Keys

How TLS & SSL Use Cryptography

Public Key Infrastructure (PKI)

RSA

Diffie-Hellman

Digital-Signature-Algorithm

What is in a Certificate?

Inspecting a Certificate

Certificate Extensions

Lab 0.0 - Lab Introduction

Lab 3.1 - Inspecting a Certificate

What is in a Private Key file?

Lab 3.2 - Matching Certificates and Private Keys

Lab 3.2 Files

What is in a CSR?

File Formats?

Lab 3.3 - Creating a CA and Issuing Certificates

Lab 3.3 Files

Lab 3.4 - File Format Conversions

Lab 3.4 Files

Certificate Validation - Part 1

Certificate Validation - Part 2

Certificate Chains - Part 1

Certificate Chains - Part 2

Lab 4.1 - Certificate Chains

Lab 4.1 Files

Basic Constraints

Certificate Types (DV, OV, EV)

Certificate Revocation

Checking Revocation Status

Lab 4.2 - Certificate Revocation

CS - Key Exchange - Part 1

CS - Forward Secrecy - Key Exchange - Part 2

CS - Authentication

CS - Encryption - Part 1

CS - Encryption - Part 2

CS - Hashing Algorithms

Cipher Suites - Avoid, Accept, Prefer

Enumerating Cipher Suites using NMAP

Lab 5.1 - Cipher Suite Enumeration

Records - Part 1

Records - Part 2

TLS Handshake

Lab 6.1 - Inspecting a TLS Handshake with Wireshark

Lab 6.1 Files

Handshake - Ephemeral Diffie-Hellman

Handshake - Session Resumption

Handshake - Mutual Authentication

Lab 6.2 - Inspecting TLS Handshake Variants

Lab 6.2 Files

TLS Extensions

Extension - OCSP Stapling

Extension - Server Name Indication (SNI)

Extension - Session Tickets

Lab 6.3 - Inspecting TLS Handshake Extensions

Lab 6.3 Files

Decrypting TLS

Lab 6.4 - Decrypting TLS

Lab 6.4 Files

Major SSL/TLS Failures over the Years

HTTP Strict Transport Security (HSTS)

Certificate Authority Authorization (CAA)

Certificate Transparency - Part 1 - Overview

Certificate Transparency - Part 2 - Process and Demonstration

Certificate Transparency - Part 3 - Merkle Hash Trees