Everybody talks about security but no one actually knows how to start let alone solve issues when it is not working. We always fall back on “that” guy. With this presentation, I hope that at the end of the talk I inspired some people to become that guy.
Certificates are everywhere: in between; on the server; and even on your own devices. Even the people who don’t know what a certificate is, still look for the lock in the address bar. And if they don’t, they should. For people working with certificates daily, “Zero Trust” is something that is a standard that has been around since TLS 1.0, not a new buzzword.
When explaining to someone what that lock in the address bar actually means is something you probably need to be working with certificates daily, just to know what that lock actually portrays. Getting from a simple unsecured HTTP connection to an HTTPS connection using a certificate that is not self-signed used to be a lot harder than it is now. Or is it?
Do you know the difference between TLS and SSL, HTTP and HTTPS or even mTLS. Not to mention async vs sync encryption with RSA, DES? If yes no need to join this talk, all others are invited to explore the wonderful world of security and encryption. This talk takes you down the rabbit hole of encryption and certificates and how they are connected with each other. At the end of the talk, you will understand the terms, CER, DER, CRT, PEM, Certificates, CA, Root CA, TLS, SSL and even mTLS and be able to join the discussion at work related to certificates and a bit more.