This talk was very useful to me, thank you for the upload.
@wfenwick3 жыл бұрын
at 6:40 the authentication is right but then the flow diagram at 7:18 shows conversation between the two devices and the Certificate Authories, which isn't needed to be a real-time communication. The validation of the cert is primarily completed computationally... the assurance of the certificate is augmented by checking a CRL with an external party using OCSP... but one can configure that either way. Use very short period certs and avoid running a CRL/OCSP like Lets Encrypt wants everyone to do
@steli254 жыл бұрын
This is for NGINX Plus ... misleading title ... :-(
@jimithompson74422 жыл бұрын
You missed a LOT of cast of characters. Alice and Bob even have their own Wikipedia page.