11 Transport Layer Security (TLS): How the internet is secured

 

This chapter covers

  • Understanding how TLS secures communication over untrusted networks
  • Discovering what TLS actually protects you against, and what it doesn’t
  • Applying TLS works in practice across browsers and servers
  • Identifying common pitfalls in TLS configuration and how to avoid them

The internet is like a noisy city full of people who love to listen in. Every time your phone or computer sends something, like logging into your bank, ordering sushi, or sending a file, it’s a bit like whispering a secret in a crowded Starbucks. If you're not careful, anyone nearby can hear it. Even worse, someone might grab the message, change your tiramisu to a cheesecake, or pretend to be your bank.

TLS gives you an encrypted briefcase (so no one can read your message), a signature wax seal (so they know it’s really from you), and a way to confirm that the recipient isn’t some villain in disguise. It’s the technology behind that little padlock in your browser. And without it, the web would be a free-for-all of stolen passwords, fake websites, and identity theft (figure 11.1).

Figure 11.1 When surfing the Internet from a public network, you never know who shares the network with you. For this reason, all communications need to be secured.

11.1 Securing communication with TLS

11.1.1 How it all started

11.1.2 TLS and mTLS

11.2 What TLS actually protects you against

11.2.1 Protection from eavesdropping

11.2.2 Making sure there’s no tempering

11.2.3 Avoiding impersonation

11.3 TLS in practice

11.4 Exercises

11.5 Summary