Part 3 Securing communication channels
By now you’ve seen the cryptographic building blocks—hashes, HMACs, AES, RSA, and elliptic curves—and you know how they work in isolation. But security isn’t just about the math; it’s also about trust. Who are you really talking to? Can you be sure that the keys you’re using belong to the right person or system? How do you keep conversations private when the network itself can’t be trusted?
Part 3 connects the building blocks into systems that establish trust and protect communication over hostile networks. You’ll start by learning how digital certificates and public key infrastructure solve the “who are you talking to?” problem (chapter 8). You’ll follow the life cycle of a certificate from creation to validation, renewal, and even revocation. You’ll see how to handle self-signed certificates and set up your own certificate authority for local development (chapter 9). Finally, you’ll see it all come together with Transport Layer Security (TLS; chapter 10), the protocol that secures the modern internet, protects against eavesdropping and impersonation, and keeps data safe in motion.
Throughout Part 3, the ACME, Inc. case study keeps you grounded in real-world software systems. You’ll experiment with tools like OpenSSL, configure Spring Boot apps with certificates, and understand how tools such as Kubernetes ingress controllers and service meshes handle TLS at scale.