Remember your first HTTPS server? RSA keys, year+ certificates, and some openssl incantation you copied from StackOverflow. That's all outdated now.
TLS 1.3 threw out decades of cipher complexity. Snowden leaks moved Perfect Forward Secrecy from optional to mandatory. Let's Encrypt made certificates a free API call. And browser vendors are pushing certificate lifetimes down to 47 days.
This talk is a tour of modern SSL TLS. We'll cover what changed, why it changed, and what breaks if you don't make updates.
Thanks so much for the feedback @robconery!
What has surprised me in the past year is how much infrastructure still deals with certificates directly. Not so much the new systems built in the cloud, but a huge number of important systems still running on-prem and requiring RSA certificates for obscure reasons. This talk is targeting those folks primarily, and everything that changed while they weren't paying attention.
asymmetric keys and quantum is definitely in scope for the talk.
How about this for a better hook?