Articles about encryption techniques.
If you want the technical informations for Limawi, take a look here.
The running of SSL/TLS
SSL/TLS is a protocol that provides server identity verification (for instance a web server like Limawi, in that case we speak about https because the protocol to access a web server is called http). This identity verification works with a certificate sent from the server.
Here is the protocol step by step (technical terms are present in the graphs):
- The client software asks the server its identity.
- The server sends a certificate signed by the certification authority trusted by both the client software and the server to the client software.
- The client software checks if the signature belongs to the certification authority it trusts.
- It sends a request to this certification authority to check if it ensures that the certificate is still valid.
- The client software and the server agree on a session key that will encrypt informations during a limited period (this time passed, another session key will take the place, the details for Limawi are explained in the graphs about the session key).
- The client software and the server can communicate in a secure way.
The HSTS extension
The HSTS extension is a http protocol extension (the protocol that loads webpages) reinforcing the SSL/TLS use.