This course is designed to provide a very thorough understanding of Transport Layer Security and Secure Sockets Layer (TLS and SSL) – the protocols which are used to secure the vast majority of the Internet. The class will start with an overview of SSL, which will lead into a discussion of the cryptography necessary to understand how TLS/SSL provides security to Internet communication, including a real example of the math behind RSA Key Generation, Encryption, and Signing.
The class will then be introduced to the whole SSL Process, from establishing a Public and Private Key pair to getting a signed Certificate from a Certificate Authority. Following that, we will take a closer look at the contents of a Certificate, a Private Key, and a Certificate Signing Request. Each student will then complete a collaborative lab where they set up their own Certificate Authority and use it to sign certificates from the other students in the class.
Afterwards, the class will take a close look at exactly how a Client validates a Server’s Certificate – the heart of Public Key Infrastructure. The class will then discuss the concept of Certificate Chains: why they are important and how they work. Then we take a quick look at the different types of Certificates available (DV, OV, EV), before continuing with an explanation of the two primary means of revoking a compromised certificate.
Lastly, the class will tie everything together with a comprehensive look at what happens in the first few milliseconds of browsing to any HTTPS website: the SSL Handshake. Each message in the SSL Handshake is illustrated and explained, along with its contents. The lecture concludes with a look at the different variations of the SSL Handshake, which allow for different features, extensions, and levels of security.
Finally, the students complete two additional labs. The first is designed to make them experts at determining complete, proper certificate chains. The second is a manual look at the Certificate Revocation process: how it works and its effectiveness.
This is an Advanced level, Deep Dive class that is built to take a student with some exposure to SSL and make them SSL Experts – students SHOULD have at least some exposure to SSL and/or SSL Certificates before attending this class. The labs make use of certain Linux commands. Each student SHOULD have a basic understanding of what each of these commands does and hopefully have used these commands at least once before.
2 Days/Lecture & Lab
This course is designed for students with some exposure to SSL.