ETOOBUSY 🚀 minimal blogging for the impatient
It’s no secret that I’m intrigued by TLS (e.g. see the series starting at Bare-bones Root CA), and it’s also no secret that I’m an amateur at best. More space to learn and improve, take that Gurus!
I recently bought TLS Mastery by Michael W Lucas and I only started looking at it, but right now I’m already happy about the purchase. I’m keen to see how I can enhance the [ekeca] test script from the suggestions, in addition to learn more about the whole thing of managing a lab CA.
Yes, a lab CA, because (start of chapter 10):
Certificate Authorities are run by people. No, not people like you and I. Running a CA requires both discipline and meticulous attention to detail, qualities most of us only think we have. When given a choice between using an external Certificate Authority and running your own, you should almost certainly use an outside one for public facing systems.
This, at least, I was already aware of. Probably with the exception that
for public facing system, in my case
s/you should almost
Just going a bit further into the chapter, it’s clear that I need this book. It talks about the OCSP responder and I’m like What the heck is an OCSP responder?!? I’ll see.