TOPICS
#22
TLS Handshake
Read a TLS 1.3 handshake message by message, predict why a guessed key share closes it in one round trip while a rejected guess costs a second, and separate the certificate the server presents from the signature that actually proves it holds the key.
14 min
#23
Certificate Chains
Climb a certificate chain from the leaf to a root already in your trust store, predict why a missing intermediate breaks curl and Firefox while Chrome silently refetches it, and watch a cross-signed intermediate give one leaf two valid paths to two different roots.
13 min
#24
mTLS & Pinning
Present a client certificate so a server running mutual TLS lets you in, then pin one expected key and watch a fully valid, freshly-issued certificate get refused on purpose, and see why the wrong pin locks out your own users.
12 min