Главная
Study mode:
on
1
Intro
2
TLS 1.2 ECDHE
3
Initial Handshake
4
Late Handshake
5
Handshake Complete
6
TLS record layer
7
TLS 1.3 handshake states
8
just a Config knob
9
a separate function
10
a check function
11
a Connection State field
12
Confirm Handshake
13
Exposing it to the HTTP handler
14
Other API changes
15
Interoperability testing
16
Patching the standard library
17
Keyless and GetCertificate
18
Where GetCertificate can't go
19
Enter GetConfigForClient
20
Last remaining: session tickets
21
Only use assembly crypto
22
File descriptor passing
23
Timeouts in Go 1.8
24
What about TCP keep-alives?
25
Keeping an eye on open connections
26
http.Server and tls.Conn
27
Dial and pool to nginx
28
HTTP/2 Push
Description:
Explore the implementation of TLS 1.3 at Cloudflare using Go's crypto/tls package in this 42-minute GopherCon 2017 talk. Dive into the intricacies of TLS 1.2 and 1.3 handshakes, record layers, and state management. Learn about API changes, interoperability testing, and standard library patching. Discover solutions for keyless operations, session tickets, and assembly crypto optimization. Examine file descriptor passing, timeout handling in Go 1.8, and TCP keep-alive mechanisms. Gain insights on managing open connections, http.Server and tls.Conn interactions, and HTTP/2 Push implementation.

Encrypting the Internet with Go

Gopher Academy
Add to list
#Conference Talks #GopherCon #Programming #Web Development #HTTP/2 #Information Security (InfoSec) #Network Security #TLS 1.3
0:00 / 0:00
1 of 28

Intro