Skip to content

Latest commit

 

History

History
503 lines (252 loc) · 30.1 KB

Sources.md

File metadata and controls

503 lines (252 loc) · 30.1 KB

B. Sources

  1. Wikipedia - HTTPS

  2. Wikipedia - Internet

  3. Wikipedia - IP routing

  4. Wikipedia - IPv6

  5. Wikipedia - IPv4 address exhaustion

  6. Wikipedia - World population

  7. MDN web docs - How the web works

  8. Google Public DNS - Get Started

  9. Graziani, Rick - IPv6 Fundamentals - Chapter 8 - Dynamic IPv4 Address Allocation

  10. Wikipedia - Neighbor Discovery Protocol

  11. Wikipedia - Happy Eyeballs

  12. Wikipedia - Domain_Name_System

  13. Wikipedia - Transmission Control Protocol

  14. Wikipedia - Hypertext Transfer Protocol - HTTP session

  15. Wikipedia - Hypertext Transfer Protocol - Response message

  16. Wikipedia - List of HTTP status codes

  17. Wikipedia - HTML

  18. Why Web Browser DNS Caching Can Be A Bad Thing

  19. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - TLS/SSL Protocol

  20. Wikipedia - URL

  21. Wikipedia - Hostname

  22. MDN web docs - A typical HTTP session - Structure of a server response

  23. Wikipedia - Transport Layer Security

  24. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - Overview - Establishing a Secure Connection

  25. Stackoverflow - How does SSL/TLS work? - Answer by Thomas Pornin

  26. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - TLS 1.3 Detailed Description

  27. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - TLS 1.2, TLS 1.1/SSL - Detailed Description

  28. RFC 8446 - TLS 1.3 - 2.2. Resumption and Pre-Shared Key (PSK)

  29. RFC 5246 - TLS 1.2 - 7.3. Handshake Protocol Overview

  30. Wikipedia - Forward Secrecy

  31. Trend Micro - HTTPS Protocol Now Used in 58% of Phishing Websites

  32. Wikipedia - X.509 - Certificates

  33. Wikipedia - Digital signature

  34. Wikipedia - HTTPS - Browser integration

  35. RFC 8446 - TLS 1.3 - 6.1. Closure Alerts

  36. RFC 5246 - TLS 1.2 - 7.2.1. Closure Alerts

  37. Wikipedia - Encryption

  38. Wikipedia - Key (cryptography)

  39. Wikipedia - Key (cryptography) - Key size

  40. Wikipedia - Key (cryptography) - Key choice

  41. Wikipedia - Computational hardness assumption

  42. zytrax - Survival Guide - Encryption, Authentication - Symmetric Cryptography

  43. zytrax - Survival Guide - Encryption, Authentication - Asymmetric Cryptography

  44. zytrax - Survival Guide - Encryption, Authentication - (Ephemeral) Diffie-Hellman Exchange

  45. Wikipedia - Session (computer science)

  46. RFC 5246 - TLS 1.2 - F.1.1.3. Diffie-Hellman Key Exchange with Authentication

  47. RFC 8446 - TLS 1.3 - 7.2. Updating Traffic Secrets

  48. zytrax - Survival Guide - Encryption, Authentication - Message Digests (Hashes)

  49. Wikipedia - Cryptographic hash function

  50. zytrax - Survival Guide - Encryption, Authentication - Message Authentication Code (MAC)

  51. zytrax - Survival Guide - Encryption, Authentication - Digital Signatures

  52. Wikipedia - X.509 - Sample X.509 certificates - End-entity certificate

  53. RFC 5246 - TLS 1.2 - 7.4.2. Server Certificate

  54. RFC 8446 - TLS 1.3 - 4.4.2. Certificate

  55. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - X.509 (SSL) Certificate Overview

  56. RFC 5246 - TLS 1.2 - 7.4.7.1. RSA-Encrypted Premaster Secret Message

  57. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - X.509 Certificate Format

  58. Wikipedia - ASN.1

  59. RFC 5912 - New ASN.1 for PKIX - 14. ASN.1 Module for RFC 5280, Explicit and Implicit

  60. RFC 5280 - PKIX Certificate and CRL Profile - 4.1. Basic Certificate Fields

  61. Wikipedia - X.690

  62. Wikipedia - X.690 - BER encoding

  63. Wikipedia - X.690 - DER encoding

  64. Wikipedia - ASN.1 - Example

  65. Wikipedia - Object identifier

  66. RFC 5280 - PKIX Certificate and CRL Profile - 4.2.1.3. Key Usage

  67. alvestrand.no - 2.5.29.15 - Key Usage

  68. OID Repository (oid-info.com) - keyUsage(15)

  69. Wikipedia - X.509 - Certificates - Structure of a certificate

  70. RFC 5246 - TLS 1.2 - 7.4.5. Server Hello Done

  71. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - X.509 Certificate Usage

  72. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.2.4. Issuer

  73. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.2.3. Signature

  74. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.2.5. Validity

  75. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.2.6. Subject

  76. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - X.509 Certificate Types and Terminology

  77. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.2.7. Subject Public Key Info

  78. RFC 5246 - TLS 1.2 - 7.4.3. Server Key Exchange Message

  79. Vincent Bernat - TLS & Perfect Forward Secrecy - Diffie-Hellman with elliptic curves

  80. RFC 5280 - PKIX Certificate and CRL Profile - 4.2.1.6. Subject Alternative Name

  81. RFC 5280 - PKIX Certificate and CRL Profile - 4.2.1.9. Basic Constraints

  82. Wikipedia - Certificate authority

  83. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.1.3. signatureValue

  84. Wikipedia - X.509

  85. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - Process and Trust - CA's and X.509 Certificates

  86. Information Security Stack Exchange - Why is the Signature Algorithm listed twice in an x509 Certificate? - Answer by BBerastegui

  87. RFC 6211 - CMS Algorithm Attribute - Abstract

  88. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - X.509 Certificate Chaining

  89. Wikipedia - X.509 - Certificate chains and cross-certification

  90. Wikipedia - Chain of trust

  91. Wikipedia - X.509 - Sample X.509 certificates - Root certificate

  92. The Chromium Projects - Chromium - Chromium Security - Root Certificate Policy

  93. Wikipedia - Certificate authority - Overview

  94. Mozilla Root Store Policy

  95. Crowe FST Audit Kft. and Crowe FST Consulting Kft. - Webtrust Audit

  96. SSLShopper - What does the WebTrust program cover?

  97. WEBTRUST® FOR CERTIFICATION AUTHORITIES - 2.2 Certificate Policy (CP) Management (if applicable)

  98. Wikipedia - Comodo Cybersecurity - Controversies - Certificate hacking

  99. Wikipedia - DigiNotar

  100. Information Security Stack Exchange - Where are field names of decoded human readable X.509 certificates specified? - Answer by mti2935

  101. X.509 - Sample X.509 certificates - Intermediate certificate

  102. Wikipedia - Public key infrastructure

  103. RFC 5280 - PKIX Certificate and CRL Profile - 4.1.1.2. signatureAlgorithm

  104. OID Repository (oid-info.com) - pkcs-1(1)

  105. OID Repository (oid-info.com) - sha256WithRSAEncryption(11)

  106. Wikipedia - RSA (cryptosystem)

  107. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - Certificate Bundles

  108. X.509 - Certificates - Certificate filename extensions

  109. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - SSL Related File Format Notes

  110. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - SSL Related File Format Notes - PEM Format

  111. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - SSL Related File Format Notes - PEM BEGIN Keywords

  112. Wikipedia - PKCS

  113. Wikipedia - Cryptographic Message Syntax

  114. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - SSL Related File Format Notes - File Extensions (Suffix)

  115. Wikipedia - PKCS 8

  116. Wikipedia - PKCS 12

  117. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - Certificate Revocation Lists (CRLs)

  118. zytrax - Survival guides - TLS/SSL and SSL (X.509) Certificates - Online Certificate Status Protocol (OCSP)

  119. Wikipedia - Online Certificate Status Protocol

  120. RFC 6961 - TLS Multiple Certificate Status Extension

  121. Wikipedia - Certificate revocation list

  122. SSL.com - How Do Browsers Handle Revoked SSL/TLS Certificates?

  123. RFC 5246 - TLS 1.2 - 7.2.2. Error Alerts

  124. hashedout by The SSL Store - This is what happens when your SSL certificate expires - What happens when your SSL certificate expires?

  125. Wikipedia - HMAC

  126. RFC 5246 - TLS 1.2 - 7.3. Handshake Protocol Overview

  127. RFC 5246 - TLS 1.2 - 7. The TLS Handshaking Protocols

  128. RFC 5246 - TLS 1.2 - 6.2.1. Fragmentation

  129. RFC 5246 - TLS 1.2 - 7.4.1.2. Client Hello

  130. RFC 5246 - TLS 1.2 - Appendix C. Cipher Suite Definitions

  131. RFC 5246 - TLS 1.2 - A.5. The Cipher Suite

  132. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 6. Cipher Suites

  133. RFC 5246 - TLS 1.2 - 12. IANA Considerations

  134. Wikipedia - Internet Assigned Numbers Authority

  135. iana.org - Transport Layer Security (TLS) Parameters - TLS Cipher Suites

  136. RFC 5246 - TLS 1.2 - 7.4.1.3. Server Hello

  137. RFC 5246 - TLS 1.2 - 7.4.1.4. Hello Extensions

  138. RFC 5246 - TLS 1.2 - 7.4.1.4.1. Signature Algorithms

  139. RFC 5246 - TLS 1.2 - 7.4.2. Server Certificate

  140. RFC 5246 - TLS 1.2 - 7.4.3. Server Key Exchange Message

  141. RFC 7924 - TLS 1.2 Cached Information Extension - 1. Introduction

  142. RFC 7924 - TLS 1.2 Cached Information Extension - 3. Cached Information Extension

  143. RFC 7924 - TLS 1.2 Cached Information Extension - 5. Fingerprint Calculation

  144. RFC 5246 - TLS 1.2 - 6.2.3. Record Payload Protection

  145. RFC 7924 - TLS 1.2 Cached Information Extension - 4.1. Server Certificate Message

  146. RFC 5246 - TLS 1.2 - 4.7. Cryptographic Attributes

  147. RFC 5246 - TLS 1.2 - 7.4.7. Client Key Exchange Message

  148. RFC 5246 - TLS 1.2 - 8.1. Computing the Master Secret

  149. RFC 5246 - TLS 1.2 - 6.3. Key Calculation

  150. RFC 5246 - TLS 1.2 - 7.4.7.1. RSA-Encrypted Premaster Secret Message

  151. RFC 5246 - TLS 1.2 - 7.4.7.2. Client Diffie-Hellman Public Value

  152. RFC 5246 - TLS 1.2 - 8.1.2. Diffie-Hellman

  153. RFC 5246 - TLS 1.2 - F.1.1.2. RSA Key Exchange and Authentication

  154. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 1. Introduction

  155. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 2. Key Exchange Algorithm

  156. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 5.4. Server Key Exchange

  157. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 5.7. Client Key Exchange

  158. RFC 8422 - ECC Cipher Suites for TLS 1.2 - 5.10. ECDH, ECDSA, and RSA Computations

  159. RFC 8422 - ECC Cipher Suites for TLS 1.2

  160. RFC 7627 - TLS 1.2 Session Hash Extension - 1. Introduction

  161. RFC 7627 - TLS 1.2 Session Hash Extension - 3. The TLS Session Hash

  162. RFC 5246 - TLS 1.2 - 5. HMAC and the Pseudorandom Function

  163. RFC 5246 - TLS 1.2 - 7.4.9. Finished

  164. RFC 5246 - TLS 1.2 - 7.4.4. Certificate Request

  165. RFC 5246 - TLS 1.2 - 7.4.6. Client Certificate

  166. RFC 5246 - TLS 1.2 - 7.4.8. Certificate Verify

  167. RFC 5246 - TLS 1.2 - 7.1. Change Cipher Spec Protocol

  168. RFC 5246 - TLS 1.2 - 6.2.2. Record Compression and Decompression

  169. RFC 5246 - TLS 1.2 - 6.2. Record Layer

  170. RFC 5246 - TLS 1.2 - 6.2.3.1. Null or Standard Stream Cipher

  171. Wikipedia - Stream cipher

  172. RFC 5246 - TLS 1.2 - 6.2.3.2. CBC Block Cipher

  173. Wikipedia - Block cipher

  174. RFC 5246 - TLS 1.2 - 6.2.3.3. AEAD Ciphers

  175. Wikipedia - Authenticated encryption - Authenticated encryption with associated data (AEAD)

  176. Wikipedia - Cryptographic nonce

  177. RFC 5288 - AES-GCM Cipher suites - 1. Introduction

  178. RFC 5288 - AES-GCM Cipher suites - 3. AES-GCM Cipher Suites

  179. RFC 8446 - TLS 1.3 - 2. Protocol Overview

  180. RFC 8446 - TLS 1.3 - 4. Handshake Protocol

  181. RFC 8446 - TLS 1.3 - 5.1. Record Layer

  182. RFC 8446 - TLS 1.3 - 4.1.2. Client Hello

  183. RFC 8446 - TLS 1.3 - 4.1.1. Cryptographic Negotation

  184. RFC 8446 - TLS 1.3 - 4.2. Extensions

  185. RFC 8446 - TLS 1.3 - B.4. Cipher Suites

  186. RFC 8446 - TLS 1.3 - 5.2. Record Payload Protection

  187. RFC 8446 - TLS 1.3 - 1.2. Major Differences from TLS 1.2

  188. RFC 5869 - Extract-and-Expand HKDF - 1. Introduction

  189. RFC 8446 - TLS 1.3 - 4.1.3. Server Hello

  190. RFC 8446 - TLS 1.3 - 6. Alert Protocol

  191. RFC 8446 - TLS 1.3 - 6.2. Error Alerts

  192. RFC 8446 - TLS 1.3 - 4.2.8. Key Share

  193. RFC 8446 - TLS 1.3 - 4.2.8.1. Diffie-Hellman Parameters

  194. RFC 8446 - TLS 1.3 - 4.2.8.2. ECDHE Parameters

  195. Navok, Svetlin - Practical Cryptography for Developers - Asymmetric Key Ciphers - Elliptic Curve Cryptography (ECC) - Private Key, Public Key and the Generator Point in ECC

  196. Navok, Svetlin - Practical Cryptography for Developers - Asymmetric Key Ciphers - ECDH Key Exchange

  197. RFC 8446 - TLS 1.3 - 7.1. Key Schedule

  198. Wikipedia - Pre-shared key

  199. RFC 8446 - TLS 1.3 - 2.3. 0-RTT Data

  200. RFC 8446 - TLS 1.3 - 4.2.9. Pre-Shared Key Exchange Modes

  201. RFC 8446 - TLS 1.3 - 9.2. Mandatory-to-Implement Extensions

  202. RFC 8446 - TLS 1.3 - 4.2.7. Supported Groups

  203. RFC 8446 - TLS 1.3 - 4.2.11. Pre-Shared Key Extension

  204. RFC 8446 - TLS 1.3 - 4.2.3. Signature Algorithms

  205. RFC 8446 - TLS 1.3 - 4.4.2.2. Server Certificate Selection

  206. RFC 5869 - Extract-and-Expand HKDF

  207. RFC 8446 - TLS 1.3 - 7.4. (EC)DHE Shared Secret Calculation

  208. RFC 8446 - TLS 1.3 - 4.3. Server Parameters

  209. RFC 8446 - TLS 1.3 - 4.3.1. Encrypted Extensions

  210. RFC 8446 - TLS 1.3 - 4.3.2. Certificate Request

  211. RFC 8446 - TLS 1.3 - 4.4.2.4. Receiving a Certificate Message

  212. RFC 8446 - TLS 1.3 - 4.4.2.1. OCSP Status and SCT Extensions

  213. Wikipedia - OCSP stapling - Solution

  214. RFC 8446 - TLS 1.3 - 4.4.2.3. Client Certificate Selection

  215. RFC 8446 - TLS 1.3 - 4.4.3. Certificate Verify

  216. RFC 8446 - TLS 1.3 - 4.4.4. Finished

  217. RFC 8446 - TLS 1.3 - 4.6.3. Key and Initialization Vector Update

  218. RFC 8446 - TLS 1.3 - 5.5. Limits on Key Usage

  219. Luykx, Atul - Paterson, Kenneth G. - Limits on Authenticated Encryption Use in TLS

  220. RFC 8446 - TLS 1.3 - 4.6.1. New Session Ticket Message

  221. SSL Shopper - What is a CSR (Certificate Signing Request)?

  222. GEEKFLARE - Kumar, Chandan - How to Setup Apache HTTP with SSL

  223. Wikipedia - Forward Secrecy - Definition

  224. Wikipedia - HTTP Strict Transport Security

  225. Wikipedia - HTTP Strict Transport Security - HSTS mechanism overview

  226. MDN web docs - HTTP - HTTP headers - Strict-Transport-Security - Description

  227. MDN web docs - HTTP - HTTP headers - Strict-Transport-Security - Preloading Strict Transport Security

  228. Wikipedia - HTTP Strict Transport Security - Limitations

  229. MDN web docs - HTTP - HTTP headers - Strict-Transport-Security - Directives

  230. hstspreload.org - Submission Requirements

  231. hstspreload.org - Removal

  232. GlobalSign Support - Root & Intermediate Certificate Bundles

  233. NGINX - Configuring HTTPS servers - SSL certificate chains

  234. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 2. Protocol Overview

  235. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 3.1. Certificate Content

  236. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 2.1. Request

  237. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 4.1.1. ASN.1 Specification of the OCSP Request

  238. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 2.2. Response

  239. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 4.2.1. ASN.1 Specification of the OCSP Response

  240. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 3.2. Signed Response Acceptance Requirements

  241. RFC 6961 - TLS Multiple Certificate Status Extension - 1. Introduction

  242. RFC 6066 - TLS Extensions: Extension Definitions - Abstract

  243. RFC 6066 - TLS Extensions: Extension Definitions - 8. Certificate Status Request

  244. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 4.2.2.2. Authorized Responders

  245. RFC 6960 - PKIX Online Certificate Status Protocol - OCSP - 4.2.2.3. Basic Response

  246. RFC 6961 - TLS Multiple Certificate Status Extension - 2.2. Multiple Certificate Status Request Record

  247. RFC 4366 - TLS Extensions

  248. Chung, Taejoong - APNIC - Is the web ready for OCSP Must-Staple?

  249. hstspreload.org - Information

  250. RFC 5246 - TLS 1.2 - F.1.1.3. Diffie-Hellman Key Exchange with Authentication