Overview
Explore the intricacies of certificate compression in TLS through this informative video from The Backend Engineering Show. Delve into the fundamentals of certificate chains, their potential size issues, and the performance implications of large certificates during TLS handshakes. Learn about RFC 8879, which introduces TLS certificate compression, and understand the differences in compression techniques between TLS 1.2 and TLS 1.3. Discover potential risks associated with certificate compression and gain insights into certificate stores, root certificate inclusion, and methods to optimize TLS handshakes for improved performance.
Syllabus
Intro
Certificate Chain
Faking the chain
Certificate Stores
Including ROOT cert in the chain
The performance penalty of large certificate chain
RFC 8879 TLS Certificate Compression
How Compression Works in TLS 1.2 vs TLS 1.3
What could go wrong?
Taught by
Hussein Nasser