Jump to content

Tech learning roadmaps…


dasari4kntr

Recommended Posts

Just now, ramudu said:

good luck bro , ee time lo interview  crack chesavu antee !Q

confirmation aite HR kada meeting pettali..

Hiring Manager to already oka round aindi ,,,malli interview emaina untada ani thinking.. @ramudu

Link to comment
Share on other sites

2 minutes ago, Spartan said:

confirmation aite HR kada meeting pettali..

Hiring Manager to already oka round aindi ,,,malli interview emaina untada ani thinking.. @ramudu

hmm , may be compensation emina matladuthadu emo , or process lo behavioral round lantidhi emina undi emo think_ww

Link to comment
Share on other sites

2 minutes ago, ramudu said:

hmm , may be compensation emina matladuthadu emo , or process lo behavioral round lantidhi emina undi emo think_ww

ade anukuntunna...leda interview lo ila feedback vachindi..will you be able to mend changes antademo..chuddam

Link to comment
Share on other sites

45 minutes ago, ramudu said:

@Hindhustani

I am confused with 3 & 4 points. 

-- How does the server know if it is a good or bad client as long as both can generate the symmetric keys? -  it really doesn't care , if you get public key  and generate symmetric key and use that to encrypt your data and send to server , server can decrypt it because only private key can decrypt it ... browsers does this backend for us (encrypting data using symmetric key) ..... 


-- on what basis can the client validate the server certificate? What is the source that the client knows is a valid certificate sent by the server.  - issue authority , time , validity period and few other parameters , this certificate is digitally signed by issuing authority like RSA , DigiCert etc... , browser validate with those authorities 

for 9th point 

any request that is going through the browser, we can see the payload/requests by checking browser/ developer tools in the network tab then
how it is secure/encrypted both from the web browser and http call made from POSTMAN? --- when you see the data means it is not in transmit mode ,before data enter to network , data is encrypted by public / symmetric keys , once it is encryipted , you can still see it using network tools like wireshark in encrypted format but you can not edit it , if you edit decryption with private key fail ... that is the whole concept of encryption here 
 

One follow up question bro, behind the scenes client / browser make call to CA if not self signed cert to validate cert? In this case both good and bad clients can validate cert and have symmetric key? to communicate with server? Or CA knows who is good or bad client/browser so that bad client can’t validate cert and can’t communicate with server?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...