I know that ESNI and certificate encrytion in Server Hello are aimed at preventing eavesdropping from the hostname and ESNI hasn't been taken into practice for common web servers yet.
Even though, I am still curious about:
How does tls 1.3 encrypt certificate in Server Hello to prevent eavesdropping? And how does the client decrypt it and get the certificate?
I found a good post A walkthrough of a TLS 1.3 handshake but have some difficulty in reading it.
http://dlvr.it/S0vrxw
G:7-Security (Cyber Security Research and Global Information Security Services)
No comments:
Post a Comment