In cryptography, X.509 is an International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures. An X.509 certificate binds an identity to a public key using a digital signature. A certificate contains an identity (a hostname, or an organization, or an individual) and a public key (RSA, DSA, ECDSA, ed25519, etc.), and is either signed by a certificate authority or is self-signed. When a certificate is signed by a trusted certificate authority, or validated by other means, someone holding that certificate can use the public key it contains to establish secure communications with another party, or validate documents digitally signed by the corresponding private key. X.509 also defines certificate revocation lists, which are a means to distribute information about certificates that have been deemed invalid by a signing authority, as well as a certification path validation algorithm, which allows for certificates to be signed by intermediate CA certificates, which are, in turn, signed by other certificates, eventually reaching a trust anchor. X.509 is defined by the International Telecommunications Union's "Standardization Sector" (ITU-T's SG17), in ITU-T Study Group 17 and is based on ASN.1, another ITU-T standard. (Wikipedia).
From playlist STAT 503
From playlist 708 hw 3
From playlist STAT 503
From playlist everything
From playlist STAT 503
From playlist Tutorial 8
From playlist STAT 503
Black Hat USA 2010: Exploiting the Forest with Trees 3/5
Speakers: Meredith L. Patterson, Len Sassaman One of the most difficult aspects of securing a protocol implementation is simply bounding the scope of the attack surface: how do you tell where attacks are likely to crop up? Historically, variations between implementations have led to some
From playlist Black Hat USA 2010
Clip 1/7 Speaker: Dan Kaminsky For more information go to: http://events.ccc.de/congress/2009/Fahrplan/events/3658.en.html
From playlist 26C3: Here be dragons day 3
DEFCON 18: An Observatory for the SSLiverse 1/4
Speakers: Peter Eckersley, Jesse Burns This talk reports a comprehensive study of the set of certificates currently in use on public HTTPS servers. We investigate who signed the certs, what properties they have, and whether there is any evidence of malicious certificates signed, directl
From playlist DEFCON 18-1
Excel Magic Trick 509: VLOOKUP with Dynamic Table using Table Nomenclature
Download Files: https://people.highline.edu/mgirvin/YouTubeExcelIsFun/EMT508-513..xls See how to create a dynamic table for the VLOOKUP function as well as a dynamic lookup area so that as you add new data or columns to the Lookup table, the VLOOKUP function and the labels in the lookup a
From playlist Excel Database Tricks
29C3: An Overview of Secure Name Resolution (EN)
Speaker: Matthäus Wander DNSSEC, DNSCurve and Namecoin There's about 100 top-level domains signed with DNSSEC and .nl recently hit 1M second-level domains. At this occasion, we take a look at the goods and the bads of DNSSEC deployment, including amplification attacks, Zensursula-like DN
From playlist 29C3: Not my department
ShmooCon 2012: A Blackhat's Tool Chest: How We Tear Into That Little Green Man (EN)
Speaker: Mathew Rowley Your organization has invested in a variety of tools to manage its information technology and the security of its systems. But it's a nightmare to synthesize this information so non-technical decision makers can make informed decisions and so information security an
From playlist ShmooCon 2012
NOTACON 2: Recent Attacks Against Hash Functions
Speaker: Matthew Fanto In recent months, a large amount of research into the security of cryptographic hash functions has revealed serious flaws in every widely used hash function, including MD4, MD5, RIPEMD, HAVAL, SHA-0, and SHA-1. These flaws have far reaching consequences, as hash fun
From playlist Notacon 2
Black Hat USA 2010: Black Ops of Fundamental Defense: Web Edition 3/6
Speaker: Dan Kaminsky Lets be honest: Year in, year out, we keep finding the same bugs in the same places, and wondering: Why don't they learn? Why don't developers use these beautiful tools we provide them -- parameterized queries, XSRF tokens, X.509 certificates, and escapes in all thei
From playlist BH USA 2010 - INFRASTRUCTURE
From playlist STAT 480
From playlist STAT 503
DevOpsDays Boston 2016- Debugging TLS/SSL by John Downey
I've found when working with many developers and operations folks that there is a real lack of understanding with regards to how TLS/SSL works. This talk was originally given internally at Braintree to help folks understand this important part of the stack.
From playlist DevOpsDays Boston 2016
Digital Signatures: RSA and El Gamal
We describe the theory and applications of digital signatures, and provide two examples of digital signature algorithms: RSA and El Gamal
From playlist PubKey
From playlist Tutorial 8