How you clarified that a client isn’t actually the user but is the computer is not found on any other technology video. You break down even the simplest of concepts to ensure that the most basic / newbies to IT can follow along. Even myself I benefit when you break it down to the grassroots level, as your teaching us how to be teachers! Keep up the excellent work
Gigamon can work as the man-in-the-middle to decrypt TLS, forward traffic though the tool(s), loops back to the Gigamon where the traffic is re-encrypted..
SSL certificate needs to be installed in the web server i.e physical computer running a server software? Which means I can buy a SSL from anywhere and if provided by my web hosting, install it on the web hosting, which is just a Physical machine running software to respond to requests?
Sir...do you have more widely distributed cources thru Udemy which can provide affordable cost? your course is the best in whatever i have come across to date. It has the right graphics, width and depth and perfectly explained.
Truthfully, the slides are probably out of date at the moment. I think I recorded this in 2020. But I got the data from here if you want the most updated statistics: w3techs.com/technologies/overview/ssl_certificate
It's funny how often "smart toaster" is used when people discuss Internet of Things. I thought it appropriate when making this video to imply that *anything* can be an SSL Client. =)
Only from the Client's perspective. Specifically, that the Client's traffic does not have Non Repudiation guarantees because TLS does not know who the client is.
Isnt the certificate public and can be presented by a MITM to engage in a tls handshake. What mechanism is used in TLS to confirm that the server holds the private key
Absolutely! That is why we need a CA that we trust to create Certificates that we trust. We can verify the Certificate is from a legitimate CA because the Certificate is Signed by that CA. More info on Signatures: ua-cam.com/video/_zyKvPvh808/v-deo.html
@@PracticalNetworking oh I see. Thanks for the response. I’m learning for CCNA to get started on networking and move to Cybersec and went down a rabbit hole with HTTPS and SSL/TLS. Thanks a ton!
@@adryelgainza1686 You're welcome. If it piques your interest, you might want to look into the full course. I'm running a Promo through the rest of March. Link on my webpage (pracnet.net). For your CCNA, make sure you check out these two resources: ua-cam.com/play/PLIFyRwBY_4bRLmKfP1KnZA6rZbRHtxmXi.html www.practicalnetworking.net/index/ccna/
OpenSSL is simply a command set you use to manage/create certificates and keys. I'm actually 90% done with a free course unpacking all the main OpenSSL commands =). Stay tuned for that! As for which CA to use... there is actually a lot more to that question than I can answer simply. From a very simplistic perspective, I'd say just use Let's Encrypt. Beyond that, I'd refer you to the full Practical TLS course where I unpack all the nuance involved.
📢 *Black Friday / Cyber Monday Promotion*
👉 Practical TLS for only $50 (originally $297)
💻 Use code *BFCM2024* --> pracnet.net/tls
📅 Offer expires Dec 6
A lot of
Work goes into making these videos it is evident. Please continue these videos are golden.
Glad you're enjoying them, Hamza!
How you clarified that a client isn’t actually the user but is the computer is not found on any other technology video. You break down even the simplest of concepts to ensure that the most basic / newbies to IT can follow along.
Even myself I benefit when you break it down to the grassroots level, as your teaching us how to be teachers! Keep up the excellent work
=)
I agree, PN's videos are very well done, especially for the reason you gave!!!
One of the very best in terms of explaining network stuff in a very simple way, makes complex things easy to understand. Thanks a lot.
You're very welcome, thank you again for supporting the channel.
It was great to see the explicit list of the top CA's. More great lessons from this channel.
Guess you already made it to the SSL playlist =). Glad to hear you're enjoying this content, Gman!
Thank you for always making things easy to understand!
Truly appreciate you putting this out, thank you
so well explained !
I liked and subscribed
Gigamon can work as the man-in-the-middle to decrypt TLS, forward traffic though the tool(s), loops back to the Gigamon where the traffic is re-encrypted..
Concise and clear, subbed 😊
Another to the point snd great video 👏
Thank you again, Meraz =).
end point authentication:
client: optional
server: mandatory
Thanks for this video.
amazing works! Thanks
Hey Nice explanation man 👍
Makes amazing video on SSL/TLS, then proceeds to share HTTP link at 04:50 :)
Thank you a lot, I was confused about how we can visit websites without certificates :)
SSL certificate needs to be installed in the web server i.e physical computer running a server software?
Which means I can buy a SSL from anywhere and if provided by my web hosting, install it on the web hosting, which is just a Physical machine running software to respond to requests?
Yes. You can aquire a certificate form many sources and install it on any webserver that you own.
@@PracticalNetworking 😃 best networking teach ever! 🔥
Sir...do you have more widely distributed cources thru Udemy which can provide affordable cost? your course is the best in whatever i have come across to date. It has the right graphics, width and depth and perfectly explained.
Amazing lessons 🙌🏻🙌🏻🙌🏻Thank you so much! By the way who is the another 2% CA ? Thanks in advance
Truthfully, the slides are probably out of date at the moment. I think I recorded this in 2020. But I got the data from here if you want the most updated statistics:
w3techs.com/technologies/overview/ssl_certificate
🔰 hehe...’Smart Toaster’...I gotta check that out...❗️My family informally knows me as ‘Toast Boy’...as I always order extra toast 😃
It's funny how often "smart toaster" is used when people discuss Internet of Things. I thought it appropriate when making this video to imply that *anything* can be an SSL Client. =)
Interesting video.
in the day of IoT client providing the certificate becomes more and more common
True
If the client does not authenticate to the server, does this break the non-repudiation feature discussed in the last lesson?
Only from the Client's perspective. Specifically, that the Client's traffic does not have Non Repudiation guarantees because TLS does not know who the client is.
Awesome video
Thank you, Chaithanya!
Is it OK to think entity as client and server in this context?
always best 👍
Cheers, Ankur!
Isnt the certificate public and can be presented by a MITM to engage in a tls handshake. What mechanism is used in TLS to confirm that the server holds the private key
How can we get a promo on the course?
Promo currently running. See pinned comment.
@@PracticalNetworking got it thanks
Interesting that the speaker fails to mention that the initiator of the TLS handshake might be an application on a server.
What if someone creates a certificate to act as the server? How would the client know
Absolutely! That is why we need a CA that we trust to create Certificates that we trust. We can verify the Certificate is from a legitimate CA because the Certificate is Signed by that CA.
More info on Signatures: ua-cam.com/video/_zyKvPvh808/v-deo.html
@@PracticalNetworking oh I see. Thanks for the response. I’m learning for CCNA to get started on networking and move to Cybersec and went down a rabbit hole with HTTPS and SSL/TLS. Thanks a ton!
@@adryelgainza1686 You're welcome. If it piques your interest, you might want to look into the full course. I'm running a Promo through the rest of March. Link on my webpage (pracnet.net).
For your CCNA, make sure you check out these two resources:
ua-cam.com/play/PLIFyRwBY_4bRLmKfP1KnZA6rZbRHtxmXi.html
www.practicalnetworking.net/index/ccna/
Great info 👍, can please tell more about pros and cons and when to use or when not
OpenSSL vs this five Certificate authorities
Thanks 😊 .
OpenSSL is simply a command set you use to manage/create certificates and keys. I'm actually 90% done with a free course unpacking all the main OpenSSL commands =). Stay tuned for that!
As for which CA to use... there is actually a lot more to that question than I can answer simply. From a very simplistic perspective, I'd say just use Let's Encrypt. Beyond that, I'd refer you to the full Practical TLS course where I unpack all the nuance involved.
4:21
Thanksss
You're welcome =)
👍👍👍
👍