Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Yeah, I guess you've got the basic core of it down there.
Your analogy describes public key cryptography really well. Your pens that are exchanged are the public keys and the glasses are the private keys.
SSL is built on public key cryptography but there are also a lot more things to consider, for your own understanding.
For example how can I prove that the pen I got from B is actually from B and not from an evil C ?
Is there a way I (as C) can send random messages to one of you and look at your responses and work out important information, can I work out what your 'glasses' (private key) look like?
I think your analogy is good for public key cryptography, SSL is public key cryptography ++
I'm pretty sure Shakespeare didn't say that.
Me: Let's grab something for dinner!
GF: Sure, but let's go somewhere safe
Me:
When you're about to do a payment and the payment form is loaded without an SSL connection/certificate... Come...
So I was thinking about SSL and trying to understand it (random thought that just came up while eating lunch). I came up with this analogy, not sure if maybe I've heard it before... Is this understanding correctly?
A and B want to send letters but make sure no one other than them can get in on the conversation or impersonate them.
Each is able to create a pen and glasses that must be used to see the ink.
So when they first connect, they exchange the pens.
So even if a middle man can duplicate the pen he can't actually read what anyone is saying. And if he tried to write something, the receiver will know it's not sent by the other since it makes no sense. So they then write a new letter and agree to send each other new pens and use new glasses?
question
ssl