// Wireshark pcap // davidbombal.wiki/tlsedpcap // Ed's TLS course // davidbombal.wiki/edtls49 Use coupon code: "BombalTLS" to get for $49 // MENU // 00:00 ▶ Introduction 02:11 ▶ How SSL/TLS is shown in a browser 02:40 ▶ Pre-Requisites 05:15 ▶ Data Integrity/Hashing 06:27 ▶ Potential Problems with Hashing/man in-the-middle attack 07:32 ▶ Message Authentication Code 10:09 ▶ Prerequisites continued 11:51 ▶ Symmetric Encryption 12:45 ▶ Asymmetric Encryption 17:00 ▶ Private and Public Keys 20:05 ▶ Signatures 21:55 ▶ Protocols 22:50 ▶ SSL/TLS Handshake, Client Hello and Server Hello 28:35 ▶ Client Hello and Server Hello in Wireshark 34:09 ▶ Certificate 35:12 ▶ Server Done 35:35 ▶ Server Hello, Certificate, Server Hello Done in Wireshark 36:51 ▶ Client Key Exchange 50:26 ▶ Client Key Exchange in Wireshark 51:39 ▶ Client Change Cipher Spec and Finished/Encrypted Verification 54:08 ▶ Server Change Cipher Spec and Finished/Encrypted 56:10 ▶ SSL/TLS Handshake in Wireshark 57:44 ▶ Decrypting a PreMaster Key with a Private Key in Wireshark 1:03:15 ▶ Where to get in contact with Ed to learn more // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal TH-cam: th-cam.com/users/davidbombal // Ed's SOCIAL // Twitter: twitter.com/ed_pracnet TH-cam: th-cam.com/channels/KmU-GKiukM8LYjkJFb8oBQ.html // Ed's TLS course // davidbombal.wiki/edtls49 Use coupon code: "BombalTLS" to get for $49 // More detail on Ed's TH-cam channel and website // Asymmetric Encryption explained from a Practical Perspective: www.practicalnetworking.net/practical-tls/rsa-diffie-hellman-dsa-asymmetric-cryptography-explained/ RSA Algorithm: th-cam.com/video/Pq8gNbvfaoM/w-d-xo.html DH Algorithm: th-cam.com/video/KXq065YrpiU/w-d-xo.html Practical TLS - Crypto & SSL/TLS foundation: th-cam.com/play/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY.html // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
David! It was a ton of fun doing this video with you! Thanks for the opportunity! I love sharing some of the wonders of the SSL and TLS protocols =). Cheers!
CIA triad is about confidentiality integrity and availablity. Not authentication @ some where around in video at 3 to 4 min u mentioned it incorrectly..
@@dhirajverma8600 Some people put "authentication" in "Integrity". Some people list it as it's own service (as I did). This was intentional because achieving all three requires separate processes, which I use to frame the rest of my course picking apart TLS/SSL (that is in fact where these slides are from, is my TLS course).
Awesome to see Ed on your channel, he is without any doubt one of the best networking teachers I came accross. Especially him and Jeremy helped me a lot in passing my CCNA - actually just today!
Great to see this collaboration with Ed, been following his channel for a while now. He has a very good, natural, delivery style and hits all the detail without cluttering it up with unnecessary info. Fair play David for throwing some exposure his way.👏👏
I had in-person course with Ed, he is absolutely a very very talented instructor, I still remember the day he taught us about subnets, networking stuff, he just made all the things very easy to understand. Glad to see Ed again here!
Wow... I'm simply blown away with this content---between this and Chris Greer, I am learning so much about how networking works---beyond what I've learned in my career in the support trenches. I'm going to have to watch this one again--equipped with a notebook, and then go hit the site and buy the full course to expand that knownledge. Thanks for doing this, both yourself and Ed Harmoush!
David this type of content is amazing. I am loving these deep dives you are doing with other SMEs. This content is extremely helpful and I greatly appreciate you working out offer code deals to get content from the SMEs at a discount. Just purchased Ed’s TLS course and Chris’ wireshark course. Super excited to go through both of them! Keep these deep dives coming, the real world examples and the heavy usage of wireshark packet captures to demonstrate what is actually happening is VERY helpful. There are lots of resources online and offline with all the basics, I appreciate you diving into how things really work so we can get a better foundation to design and troubleshoot from. Keep this up, I’m looking forward to more protocols and more deep dives!
I got inspired by David’s positivity to give IT a try about a month. Am in classes now, found Ed H about a week ago and joined his discord. A great teacher!!!
I have read this comment literally on 100s of videos on TH-cam, but this one i am writing down in straight from my heart. Best video on TLS , i could understand it easily with so much details in it.
David and Ed are both gold mines of knowledge. Absolutely awesome knowledge sharing on this video, will be rewatching again for deeper knowledge. Loved it
Great video David and Ed! I would like to dig deeper on: 1. The client key exchange (the inner aspects of it) 2. Certificates Thanks for the video! Keep on posting more content.
Even after being in this area since last century it's always refreshing to see a well presented, easy to to follow, informative presentation by people who you can tell know their subject matter inside and out, well done both, thoroughly enjoyable video.
Amazing , I dont think so anyone can explain TLS with this much detail and in such a simple and crisp way. Love your work David and Ed. I never comment of videos but this one has made me to to comment and follow both of you!!!
Two masters of the game right here. Ed's channel is absolutely superb. TLS, OSPF, NAT etc can be quite complicated but he makes it so easy to absorb without leaving any stone unturned. Can't reccomend it enough. Been waiting for this collab. Cheers both 👍
This is a Gold mine!! I have been trying to find this explanation for quite sometime. Awesomely explained and i love the passion Ed. So the first thing i do support Ed by subscribing to his course and ensuring the knowledge stays with me in my repo. Thank you both of you!! Keep up the good work Ed and David. God Bless
I I’m an IT tec programmer and already know this , however I watched it whole it’s informative and simplified with real world examples , I do use my own encryption tho! “You can’t make the whole world be helpful like these guys !” most of us are lazy. I searched topics and found him XD
Superb presentation. The depth and abliity to present these complex topics in such a manner takes real skill. Ed i'm signing up to your SSl course tonight, i am tight but you've put so much work in these videos i feel you deserve something back.
Hey bro can you help me to decrypt my handshake plz I have tried almost all the thing like aircrack all kali linux wordlist, guthub, crackstation, hashcat, hashcat rules and also brutforce attack a entire weak on Google cloud
Now it's the about the 7th or more round to watch this and I think I have really decrypted the idea on this !!! Many thanks David and Ed. Keep the deep dive coming.
Thank you David for organising this wonderful session and introducing Ed with his brilliant content and teaching. Kudos to both of you on this presentation and on the awards you got !
David again thank you so much for making the analogies and simplified explanation. Thank you to your guest as well, absolutely brilliant presentation. David you chime in at the perfect time.
I had a job interview the other day and they I asked me about this SSL/TLS and I couldn't answer properly, this is very helpfull to know and very important info for any network engineer nowdays that security is very important.
This is practical networking. I subscribed his channel. Coz his explanations & teaching methods are such an amazing. Sorry david, your skills are best but this guy is even better.
This is good stuff, Ed and David. Thank you for helping me translating this to a network architecture that doesn't know anything about how the load balancer is the middle man to secure an SSL transaction.
This is the best presentation I've seen on this subject. In fact I wouldn't have minded even deeper delving into this, and every time David said "Let's not get too deep into this" I was like no, I want to hear more! I will definitely be adding this channel and also Ed's to my subscribe list.
Glad you enjoyed this =). Consider the course if you want to go really deep on all this stuff. It's easier to go deeper when the foundation has been properly laid.
Crystal crisp explanations, just like Chris Greer. Really enjoying this videos of yours David!!! To continue further with Ed, perhaps DH overview and what are common issues with ssl where things might get wrong...Cheers!!!
Excellent topic and very very detailed explained I will also need to watch this whole video in sections there is so much good information on it that Ed needed to explain quickly I imagine because of the time constraints. We definitely need to have him back with a series of videos instead. Thank you again, Ed is in my opinion one of the smartest ones I have seen on your list of guests and you have had very brilliant engineers on your channel Neil and John Hammond, WireShark Chris, and now Ed for TLS and other network topics explained the right way.
This is absolutely insane and awesome at the same time. Like always these deep dive sessions are great and they are dumbed down enough for me to understand LOL, keep them coming.
Thank you so much for taking up this and making it so simple. I know it is not that straightforward but the concept explained is the best way possible. Not sure if anyone could have explained it better than you did..
WOW! You had an episode with Ed! I don't think there is ANYBODY able to more accurately convey concepts of networking and security, than Ed Harmoush. This guy's content is 1000% the best,...cool. 😄(Any Ed student/fan will get that). I bought your classes on Udemy, David, and they are good, but Ed's explanation and illustration are top notch for making everything actually make sense. Honestly, a coll as b between you and Ed would make for the most informative outlet for CCNA that I've discovered in years. (Moreso than a Collab with network chuck, though I get that Collab, chuck has an infectious enthusiasm beyond what you or ed.have)
@@PracticalNetworking rereading my comment, I feel like it comes across as throwing shade at Chuck; that SO was not my intent - you all just have different instruction styles, and strengths and weaknesses, as we all do, and will appeal to different people at different stages in their journey or learning styles. All of you guys contribute SO MUCH to the community. All of you deserve a great amount of gratitude. Cool. 😄
Great video!!! I had recently been diving into these concepts more on my own and it was nice that you just happened to post this video lol I am definitely going to re-watch!
55:55 You need to watch this again? are you kidding me? this is 100 Gold Content, I need to watch this at least 10 Times, 1000 000 thanks! the content you create is amazing David!
Error at 3:43: The core CIA principles commonly referenced in cyber security stand for: 'Confidentiality', 'Integrity', and 'Availability'. Note. A is not for 'Authentication' That been said, 'authentication' is often referred to as an extended principle along with 'non-repudiation'.
There are multiple schools of thoughts on this. I chose to use CIA as Authentication because it's possible to do Integrity without truly having Authentication. Besides, the three terms (C. I. Authentication) are each provided differently in Cryptography and by TLS/SSL, and I use those three services to frame the rest of the course as we go deeper and deeper into TLS/SSL. Either way, it's just semantics in the end. =)
Hey bro can you help me to decrypt my handshake plz I have tried almost all the thing like aircrack all kali linux wordlist, guthub, crackstation, hashcat, hashcat rules and also brutforce attack a entire weak on Google cloud
Hey David. please call Ed for an ipsec deep dive ... There are lots stuff available but nothing comes close to what you guys (DAVID, CHRIS, ED) deliver. Thanks for sharing your amazing knowledge Ed.
Observation. C-I-A, commonly referred to as “A-I-C” instead (so as not to be confused with the US 3 letter agency), stands for Confidentiality-Integrity-“Availability”-not “Authentication”. That is according to CompTIA, but what do I care? I think the IT world has gotten pretty superfluous with their catchy chaining of terms and abundant security-centric phrases to describe stuff.
It's really good session on TLS handshake, appreciate your efforts. One piece of info missing is, how does client verify the certificate, there has to be bunch of validation checks that need to be done from client end for validation of certificate, identity validation, signature validation, time validation, revocation check, chain validation etc.
Yup! I have a whole series of lessons on how that happens. There's a hint of it in this video (LJDsdSh1CYM -- search for that in YT), but I cover it in more detail in the course.
@@davidbombal Recently, my company forced me to fix a lot of vulnerabilities on the web server and one of it is related to TLS and SSL. This course is just right on time for me to have an idea what TLS / SSL are about. My thanks again.
Would I be correct in understanding that integrity and authenticity are two sides of the same coin: the former protects against tampering by an *unintelligent* adversary (bit flip, lightning strike, script kiddie ignorant of hashing, etc.) while the latter protects against tampering by an *intelligent* adversary?
So... while I agree with you bit flipping is much easier than spoofing authentication, I don't know necessarily if I can consider them two aspects of the same coin. You can attain Integrity without Authentication. I'd recommend this video (the 2nd part in particular), it will help clarify: th-cam.com/video/aCDgFH1i2B0/w-d-xo.html
This is awesome. I would love a deeper dive into this, as deep as it can get. I will check out his channel to find more but please consider another video with him, thanks 🖤
// Wireshark pcap //
davidbombal.wiki/tlsedpcap
// Ed's TLS course //
davidbombal.wiki/edtls49
Use coupon code: "BombalTLS" to get for $49
// MENU //
00:00 ▶ Introduction
02:11 ▶ How SSL/TLS is shown in a browser
02:40 ▶ Pre-Requisites
05:15 ▶ Data Integrity/Hashing
06:27 ▶ Potential Problems with Hashing/man in-the-middle attack
07:32 ▶ Message Authentication Code
10:09 ▶ Prerequisites continued
11:51 ▶ Symmetric Encryption
12:45 ▶ Asymmetric Encryption
17:00 ▶ Private and Public Keys
20:05 ▶ Signatures
21:55 ▶ Protocols
22:50 ▶ SSL/TLS Handshake, Client Hello and Server Hello
28:35 ▶ Client Hello and Server Hello in Wireshark
34:09 ▶ Certificate
35:12 ▶ Server Done
35:35 ▶ Server Hello, Certificate, Server Hello Done in Wireshark
36:51 ▶ Client Key Exchange
50:26 ▶ Client Key Exchange in Wireshark
51:39 ▶ Client Change Cipher Spec and Finished/Encrypted Verification
54:08 ▶ Server Change Cipher Spec and Finished/Encrypted
56:10 ▶ SSL/TLS Handshake in Wireshark
57:44 ▶ Decrypting a PreMaster Key with a Private Key in Wireshark
1:03:15 ▶ Where to get in contact with Ed to learn more
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: th-cam.com/users/davidbombal
// Ed's SOCIAL //
Twitter: twitter.com/ed_pracnet
TH-cam: th-cam.com/channels/KmU-GKiukM8LYjkJFb8oBQ.html
// Ed's TLS course //
davidbombal.wiki/edtls49
Use coupon code: "BombalTLS" to get for $49
// More detail on Ed's TH-cam channel and website //
Asymmetric Encryption explained from a Practical Perspective:
www.practicalnetworking.net/practical-tls/rsa-diffie-hellman-dsa-asymmetric-cryptography-explained/
RSA Algorithm:
th-cam.com/video/Pq8gNbvfaoM/w-d-xo.html
DH Algorithm:
th-cam.com/video/KXq065YrpiU/w-d-xo.html
Practical TLS - Crypto & SSL/TLS foundation:
th-cam.com/play/PLIFyRwBY_4bTwRX__Zn4-letrtpSj1mzY.html
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
"8026 This link has been deleted by the owner." pcap unavailable
David! It was a ton of fun doing this video with you! Thanks for the opportunity! I love sharing some of the wonders of the SSL and TLS protocols =). Cheers!
CIA triad is about confidentiality integrity and availablity.
Not authentication
@ some where around in video at 3 to 4 min u mentioned it incorrectly..
@@dhirajverma8600 Some people put "authentication" in "Integrity". Some people list it as it's own service (as I did). This was intentional because achieving all three requires separate processes, which I use to frame the rest of my course picking apart TLS/SSL (that is in fact where these slides are from, is my TLS course).
Thank you so much for sharing your knowledge with all of us Ed!
Heading over to your channel 😀
@@israel-ie4vp
OMG! After 25 years I finally got my head around how those handshakes work and how security is done. Thank you very much, gentlemen!
Awesome to see Ed on your channel, he is without any doubt one of the best networking teachers I came accross. Especially him and Jeremy helped me a lot in passing my CCNA - actually just today!
Great to see this collaboration with Ed, been following his channel for a while now. He has a very good, natural, delivery style and hits all the detail without cluttering it up with unnecessary info. Fair play David for throwing some exposure his way.👏👏
Hi Frack =). Thanks for the kind words. It was loads of fun to do the collab with David !
@@PracticalNetworking Great explanation
I had in-person course with Ed, he is absolutely a very very talented instructor, I still remember the day he taught us about subnets, networking stuff, he just made all the things very easy to understand. Glad to see Ed again here!
Wow... I'm simply blown away with this content---between this and Chris Greer, I am learning so much about how networking works---beyond what I've learned in my career in the support trenches.
I'm going to have to watch this one again--equipped with a notebook, and then go hit the site and buy the full course to expand that knownledge. Thanks for doing this, both yourself and Ed Harmoush!
You're welcome Dwayne!
Thank you very much David for having Ed from practical networking on your show.I am very delighted to see him with you
I appreciate that David acts as an mediator between all these professionals and starting hackers, who are trying to find their way. Great concept.
Easily one of the best IT related videos I've ever watched....and I've watched hundreds as an online IT student.
Thank you for the kind words, Robert. Glad you enjoyed this !
David this type of content is amazing. I am loving these deep dives you are doing with other SMEs. This content is extremely helpful and I greatly appreciate you working out offer code deals to get content from the SMEs at a discount. Just purchased Ed’s TLS course and Chris’ wireshark course. Super excited to go through both of them! Keep these deep dives coming, the real world examples and the heavy usage of wireshark packet captures to demonstrate what is actually happening is VERY helpful. There are lots of resources online and offline with all the basics, I appreciate you diving into how things really work so we can get a better foundation to design and troubleshoot from. Keep this up, I’m looking forward to more protocols and more deep dives!
Cheers, Kyle. Happy to do more of these =)
Ed Harmoush is the best instructor in the world. I purchased his TLS course last year & could not be more satisfied - highly recommened
I got inspired by David’s positivity to give IT a try about a month. Am in classes now, found Ed H about a week ago and joined his discord. A great teacher!!!
Hey Kaizen =) Welcome to the world of Networking! ^_^
Immediately subscribed to Ed after the first 10 mins of the video. He is so good at explaining the concepts. Thank you David for sharing this collab.
I have read this comment literally on 100s of videos on TH-cam, but this one i am writing down in straight from my heart.
Best video on TLS , i could understand it easily with so much details in it.
Thank you for the kind words, Rahul. Glad you enjoyed it =)
David and Ed are both gold mines of knowledge. Absolutely awesome knowledge sharing on this video, will be rewatching again for deeper knowledge. Loved it
Glad you enjoyed the video Sourav!
Cheers, Sourav!
Disagree, they are decrypting their own data using private key. 😂 . If they can tell how to get private key of another server then I agree wid you.
Great video David and Ed! I would like to dig deeper on:
1. The client key exchange (the inner aspects of it)
2. Certificates
Thanks for the video! Keep on posting more content.
Certificates would be fun to pick apart =)
By far the best video on TLS ive ever seen. Amazing.
I've learned more from David than any school. The knowledge bombs he has been dropping are just off the charts.
Thank you Ricardo! Sharing is caring - especially knowledge 😀
Even after being in this area since last century it's always refreshing to see a well presented, easy to to follow, informative presentation by people who you can tell know their subject matter inside and out, well done both, thoroughly enjoyable video.
Thanks for the kind words =). Glad you enjoyed the presentation!
Amazing , I dont think so anyone can explain TLS with this much detail and in such a simple and crisp way. Love your work David and Ed. I never comment of videos but this one has made me to to comment and follow both of you!!!
Glad you enjoyed this, Kamal. Cheers !
thank you so much for the quality I've never missed these long version video
Thank you!
Two masters of the game right here. Ed's channel is absolutely superb. TLS, OSPF, NAT etc can be
quite complicated but he makes it so easy to absorb without leaving any stone unturned. Can't reccomend it enough. Been waiting for this collab. Cheers both 👍
This is a Gold mine!! I have been trying to find this explanation for quite sometime. Awesomely explained and i love the passion Ed. So the first thing i do support Ed by subscribing to his course and ensuring the knowledge stays with me in my repo. Thank you both of you!! Keep up the good work Ed and David. God Bless
Cheers Avinash. Kind of you to say! Glad you enjoyed the course.
Nicely done, David and Ed! I wish I can force most IT pros to review this video... very useful explainer!
Thank you Wesley! Much appreciated!
Agreed =). Glad you enjoyed it, Wesley!
I I’m an IT tec programmer and already know this , however I watched it whole it’s informative and simplified with real world examples , I do use my own encryption tho!
“You can’t make the whole world be helpful like these guys !”
most of us are lazy.
I searched topics and found him XD
Superb presentation. The depth and abliity to present these complex topics in such a manner takes real skill. Ed i'm signing up to your SSl course tonight, i am tight but you've put so much work in these videos i feel you deserve something back.
Looks deep enough on my end. Happy to see the references to the individual Request for Comments (RFCs) in Ed's slides.
Thank you Raymond!
=) This was only scratching the surface! ;)
Sir, I bought your wireshark course. I think you are the best teacher on this platform.
Thank you Jayson!
deep was counted 346 times in 24 mins . truly got deep quickly deeply . I kid , great vid! thx so much
Hey bro can you help me to decrypt my handshake plz I have tried almost all the thing like aircrack all kali linux wordlist, guthub, crackstation, hashcat, hashcat rules and also brutforce attack a entire weak on Google cloud
Watched many Videos on TSL/SSL but the way you explained and even demonstrated with Wireshark was just great.. Thanks for this video
it's nice how informative this video is and with minimum amount of advertisement. this is what any video hosting should look like)).
That was the best tutorial on SSL I've seen. Ed is a fantastic layman's terms teacher. I'll definitely be taking up the coupon and doing the course.
Now it's the about the 7th or more round to watch this and I think I have really decrypted the idea on this !!! Many thanks David and Ed. Keep the deep dive coming.
Thank you David for organising this wonderful session and introducing Ed with his brilliant content and teaching. Kudos to both of you on this presentation and on the awards you got !
Ed is a TREASURE!
@@VideosfromElle
TLS, Cryptography, Session mgt, Tunneling everything explained in a single session.. amazing superstuff
Glad you enjoyed it!
The best explanation I have ever come across about TLS. Thank you
David again thank you so much for making the analogies and simplified explanation.
Thank you to your guest as well, absolutely brilliant presentation.
David you chime in at the perfect time.
Glad you enjoyed it, Millacent. Cheers!
Thank you Devid and Ed Harmoush :) for this video 🙏
I think this is the only video on TH-cam that explains the TLS handshake in such detail.
Congratulations David and Ed on your awards! And thank you for this enjoyable and informative lecture.
Thanks Geoffrey! Cheers!
I had a job interview the other day and they I asked me about this SSL/TLS and I couldn't answer properly, this is very helpfull to know and very important info for any network engineer nowdays that security is very important.
It is great to meet ed, It has been always to complicated topics when I was in school. Loved it !!
I'm only 31 minutes in but this is the one video that finally made me feel comfortable with what's going on with certs!
This is practical networking. I subscribed his channel. Coz his explanations & teaching methods are such an amazing. Sorry david, your skills are best but this guy is even better.
This is good stuff, Ed and David. Thank you for helping me translating this to a network architecture that doesn't know anything about how the load balancer is the middle man to secure an SSL transaction.
This is the best presentation I've seen on this subject. In fact I wouldn't have minded even deeper delving into this, and every time David said "Let's not get too deep into this" I was like no, I want to hear more!
I will definitely be adding this channel and also Ed's to my subscribe list.
Glad you enjoyed this =). Consider the course if you want to go really deep on all this stuff. It's easier to go deeper when the foundation has been properly laid.
Crystal crisp explanations, just like Chris Greer. Really enjoying this videos of yours David!!! To continue further with Ed, perhaps DH overview and what are common issues with ssl where things might get wrong...Cheers!!!
I used Ed's Subnetting and ACL videos when I was prepping for my CCNA. They were excellent and would highly recommend.
Thanks Jamie. Glad they helped you =)
Awesome! Awesome! Awesome! Content!!! One of the best and easy to follow explanations of this subject I’ve seen! Thanks David and Ed!
You're welcome, Chris! Glad you enjoyed it!
Excellent topic and very very detailed explained I will also need to watch this whole video in sections there is so much good information on it that Ed needed to explain quickly I imagine because of the time constraints. We definitely need to have him back with a series of videos instead. Thank you again, Ed is in my opinion one of the smartest ones I have seen on your list of guests and you have had very brilliant engineers on your channel Neil and John Hammond, WireShark Chris, and now Ed for TLS and other network topics explained the right way.
This is absolutely insane and awesome at the same time. Like always these deep dive sessions are great and they are dumbed down enough for me to understand LOL, keep them coming.
This guy is life saver xD. Amazing way of explaining stuff using simple layman analogies
Thank you so much for taking up this and making it so simple. I know it is not that straightforward but the concept explained is the best way possible. Not sure if anyone could have explained it better than you did..
Thank you for the kind words, Roshan. Glad you enjoyed it.
Commendable efforts. Greatly elucidated. Excellent work. Excellent dissemination. Bow down to the knowledge and to the ability to express effectively.
I feel slightly bad, cause you're giving us such EPIC information and education here!
Once again Mr David thanks so much. congratulations for hitting 900k followers. you have helped a lot of people. we really appreciate
WOW! You had an episode with Ed! I don't think there is ANYBODY able to more accurately convey concepts of networking and security, than Ed Harmoush. This guy's content is 1000% the best,...cool. 😄(Any Ed student/fan will get that). I bought your classes on Udemy, David, and they are good, but Ed's explanation and illustration are top notch for making everything actually make sense. Honestly, a coll as b between you and Ed would make for the most informative outlet for CCNA that I've discovered in years. (Moreso than a Collab with network chuck, though I get that Collab, chuck has an infectious enthusiasm beyond what you or ed.have)
@@PracticalNetworking rereading my comment, I feel like it comes across as throwing shade at Chuck; that SO was not my intent - you all just have different instruction styles, and strengths and weaknesses, as we all do, and will appeal to different people at different stages in their journey or learning styles. All of you guys contribute SO MUCH to the community. All of you deserve a great amount of gratitude. Cool. 😄
The content is so good! I learned so much!! Absolutely appreciate the efforts made to come up with this Technical Deep Dive video
Thanks for taking this topic, I was very much interested in knowing more and more about the SSL/TLS handshake. This video really helpful.
Glad you enjoyed it, Harshit =)
This was such a great video, I thoroughly enjoyed it and am the information that yall gave! Thank you both for your time putting this together!
Glad you enjoyed it, Justin!
Great video!!! I had recently been diving into these concepts more on my own and it was nice that you just happened to post this video lol I am definitely going to re-watch!
Great timing =)
Great Explanation, one of the rarest to have such deep understanding on TLS
Ed has so much of knowledge, that i can see , from all that i can say that
dialog
If I know even half of what you know, my little mind will explode
THIS PRESENTATION IS LEGENDARY MATE
Loved this TLS Handshake. I've been learning about https and tls for a while.
55:55 You need to watch this again? are you kidding me? this is 100 Gold Content, I need to watch this at least 10 Times, 1000 000 thanks! the content you create is amazing David!
Thank you! Love that! 😀
Thanks David and Ed 👌Superb stuff.
Very few guys can simplify and explain in so much depth.
This was a blast. Appreciate the technical analysis.
I feel like I have a much better understanding of TLS now, thanks to this video.
Great session. Ed from practical networking is awesome!
Thank you so much for doing this David! Ed is awesome, I watch his TH-cam tutorials and love his way of explaining technical concepts. 🌟🌟🌟🌟🌟
Thank you, James =)
Spectacular video. I will probably sign up for Ed's online SSL/TLS course.
Thank you both.
Quality time spent. Thanks David!
Awesome stuff, enjoyed lot, looking forward to see how Pre-Master secret shared with DH, Thank you both!!
Error at 3:43: The core CIA principles commonly referenced in cyber security stand for: 'Confidentiality', 'Integrity', and 'Availability'.
Note. A is not for 'Authentication'
That been said, 'authentication' is often referred to as an extended principle along with 'non-repudiation'.
There are multiple schools of thoughts on this. I chose to use CIA as Authentication because it's possible to do Integrity without truly having Authentication.
Besides, the three terms (C. I. Authentication) are each provided differently in Cryptography and by TLS/SSL, and I use those three services to frame the rest of the course as we go deeper and deeper into TLS/SSL.
Either way, it's just semantics in the end. =)
@@PracticalNetworking I appreciate the video however as much as it gets disregarded, I feel as if it should be the AIC triangle "A" for Availability
@@richardwarren2556 Glad you enjoyed the video, Richard. If this is the only critique in an hour long video, I'm still happy with the result =).
A really helpfull video. You deep dive videos are really good, I always enjoy watching your videos.
Very methodically explained. Thanks to both Ed and David.
This was absolutely awesome, I was not able to understand a lot of it, but what I did, was awesome.
Hey bro can you help me to decrypt my handshake plz I have tried almost all the thing like aircrack all kali linux wordlist, guthub, crackstation, hashcat, hashcat rules and also brutforce attack a entire weak on Google cloud
That's my TLS teacher! 😂 Go Ed !
Hey David. please call Ed for an ipsec deep dive ... There are lots stuff available but nothing comes close to what you guys (DAVID, CHRIS, ED) deliver. Thanks for sharing your amazing knowledge Ed.
Nice video 🔥🔥 btw I am following you from a long time and your videos are very informative . Keep going 🔥☺️
If you followed him a long time, you should have seen the videos he interviewed quite a few speakers on how to start Cyber Security. Dig it in
Thank you
@@tristix3721 Oki bro
This is wonderful! please do more of these!
Love to see another episode of this series...
David and I are in discussion to do another one later this month ;) Stay tuned!
Brilliant Tutorial guys. Will definately take a look at the full course.
Cheers Peter. Glad you enjoyed it !
This was really usefull and very clear explained thank you David and Ed.
You're welcome, Makal. Glad you enjoyed it!
Thank you David and Ed.
Free education!
Thank you David and Ed.
You're welcome, Andreius!
Good stuff, David, & Ed. Thank you.
It was great! Thanks Ed & David! Finally I got the point!
Wohoo!
@@PracticalNetworking I have just started your SSL/TLS training! Recommenended for everyone!
awesome video as always david. love to see stuff like this
thanks
Glad you enjoyed it =)
Observation. C-I-A, commonly referred to as “A-I-C” instead (so as not to be confused with the US 3 letter agency), stands for Confidentiality-Integrity-“Availability”-not “Authentication”.
That is according to CompTIA, but what do I care? I think the IT world has gotten pretty superfluous with their catchy chaining of terms and abundant security-centric phrases to describe stuff.
It's really good session on TLS handshake, appreciate your efforts. One piece of info missing is, how does client verify the certificate, there has to be bunch of validation checks that need to be done from client end for validation of certificate, identity validation, signature validation, time validation, revocation check, chain validation etc.
Yup! I have a whole series of lessons on how that happens. There's a hint of it in this video (LJDsdSh1CYM -- search for that in YT), but I cover it in more detail in the course.
This is a brilliant video thank you David and Ed. Clean to the point information. love it
Thank you David and Ed for this very useful video
You're welcome, Ruhide!
This is so useful as content. Thank you David and Ed.
Glad you think so!
Glad you enjoyed it, Trist!
@@davidbombal Recently, my company forced me to fix a lot of vulnerabilities on the web server and one of it is related to TLS and SSL. This course is just right on time for me to have an idea what TLS / SSL are about. My thanks again.
I am a subscriber of Ed paid course on tls ...He is just awesome trainer ! i am a big fan of jeremy it lab as well
Hi David sir ! Nice to meet you again with a good video #bombal
I am from india sir and its easy to understand ur video. thanks for ur such content !!
Glad you enjoyed it, Kumar!
Would I be correct in understanding that integrity and authenticity are two sides of the same coin: the former protects against tampering by an *unintelligent* adversary (bit flip, lightning strike, script kiddie ignorant of hashing, etc.) while the latter protects against tampering by an *intelligent* adversary?
So... while I agree with you bit flipping is much easier than spoofing authentication, I don't know necessarily if I can consider them two aspects of the same coin. You can attain Integrity without Authentication. I'd recommend this video (the 2nd part in particular), it will help clarify:
th-cam.com/video/aCDgFH1i2B0/w-d-xo.html
this is brilliant! learnt a lot today!
This is awesome. I would love a deeper dive into this, as deep as it can get. I will check out his channel to find more but please consider another video with him, thanks 🖤
We're doing a video soon on Certificates =)