Compressing Certificates in TLS | The Backend Engineering Show

Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com Certificates provide a way to authenticate both the server and the client and are included as part of the TLS handshake. However, the certificates can be large because the full certificate chain is included in the handshake. The large certificates can go up to 10KB in size and take multiple segments to deliver and assemble. RFC 8879 discusses how TLS compression can be achieved, I discuss that in this podcast. Enjoy. 0:00 Intro 4:15 Certificate Chain 6:00 Faking the chain 8:50 Certificate Stores 10:30 Including ROOT cert in the chain 12:00 The performance penalty of large certificate chain 20:15 RFC 8879 TLS Certificate Compression 23:00 How Compression Works in TLS 1.2 vs TLS 1.3 30:30 What could go wrong? Resources https://datatracker.ietf.org/doc/rfc8879/ https://www.rfc-editor.org/rfc/rfc5246 https://www.rfc-editor.org/rfc/rfc6928.html

Om Podcasten

Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses