… 2 TLS Configuration hardening in practice: Apache We will now look at how to harden TLS
configuration for a few services: Apache, Sendmail, Dovecot, OpenVPN... Since we talk about …

… is serviced through TLS capable of strongly hardening their passwords. We observe that any
TLS-… We modify mod_ssl, the module that offers TLS to any Apache web server, to act as a …

… with TLS. Instead of bogging you down with the details of how TLS works in almost every
chapter, I’ve put those details here as a quick reference in case you are curious about how TLS …

… In view of its importance, TLS has long been the subject of intense research analysis, … to
establish to what extent the TLS Handshake Protocol and the TLS Record Protocol are secure, …

… 70.1% supported TLS 1.3, while 99.9% still supported TLS 1.2, demonstrating … TLS 1.2 and
TLS 1.3. However, considering findings of the study, the analysis will primarily focus on TLS …

… We present X-Ray-TLS, a new target-agnostic TLS decryption method … TLS hardening,
such as certificate pinning and perfect forward secrecy. We benchmark X-Ray-TLS on major TLS …

… rely too naively on TLS. We present new client impersonation attacks against TLS renegotiations,
… We also demonstrate new ways to exploit known weaknesses of HTTP over TLS. We …

… privacy, this article deals with the current state of TLS and the involved PKI usage for accessing
online services by IoT devices. The reason for analysing TLS is that this is the only end-to…

… used in a TLS suite and their relative weaknesses. For these reasons, many different tools
have been developed to verify TLS implementations. However, they usually analyze the TLS …

… Given the importance of web servers and their inherent greater exposure to attacks, we
explore the hardening of Apache web server through the use of secure enclaves. This was …