SSLError, now what?
a talk by Christian Heimes
TLS/SSL is the most important and widely-used protocol for secure and encrypted communication, e.g. HTTPS. It offers more than just encryption. TLS also ensures data integrity and strong authentication with X.509 certificates. But it provides merely a false sense of security if you use it wrong.
Have you ever encountered SSLError while connecting to a server, but you didn’t understand what is going on? Are you running production code without TLS/SSL protection or with certificate validation disabled, because you couldn’t figure out how to make it work correctly?
I’ll give you the rundown of the basic cryptographic building blocks, protocol handshake, inner structure of certificates, and PKI. You’ll learn about the best practices, debugging tools and tips how to diagnose TLS/SSL and how to deal with certificates.
This talk is suitable for both beginner and advanced Pythonistas.
I'm one of the maintainer of CPython's ssl module, contributor to OpenSSL, PyOpenSSL, and PyCA Cryptography.
In my day job at Red Hat, I'm a security engineer for identity management (freeIPA), public key infrastructure (Dogtag PKI), and related technologies.