TLS - bobbae/gcp GitHub Wiki

Transport Layer Security (TLS), the successor of the now-deprecated Secure Sockets Layer (SSL), is a cryptographic protocol designed to provide communications security over a computer network.

https://en.wikipedia.org/wiki/Transport_Layer_Security

https://www.csoonline.com/article/3246212/what-is-ssl-tls-and-how-this-encryption-protocol-works.html

Google Certificate Authority service

https://cloud.google.com/certificate-authority-service

Using Google-managed SSL certificates

https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs

Cloud LB SSL certificates overview

https://cloud.google.com/load-balancing/docs/ssl-certificates

Google Trust services

https://pki.goog/

ACME

https://cloud.google.com/blog/products/identity-security/automate-public-certificate-lifecycle-management-via--acme-client-api

mTLS

https://www.f5.com/labs/articles/education/what-is-mtls

Mutual Transport Layer Security (mTLS) is a process that establishes an encrypted TLS connection in which both parties use X.509 digital certificates to authenticate each other. mTLS can help mitigate the risk of moving services to the cloud and can help prevent malicious third parties from imitating genuine apps.

https://buoyant.io/mtls-guide

Datagram Transport Layer Security

https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security

DTLS protects the transport of datagrams. Its designers adhered to TLS as closely as possible, which kept the number of new security techniques to a minimum and preserved as much existing code and infrastructure as possible. As a result, DTLS offers as many security guarantees as TLS while reducing the need to use IPsec or to design a custom application-layer security protocol. The main difference between DTLS and TLS is that DTLS is built on UDP, while TLS uses Transmission Control Protocol (TCP).

https://hackcontrol.org/blog/what-is-dtls-and-how-is-it-used/

Vulnerabilities

https://www.csoonline.com/article/3212965/why-ssl-tls-attacks-are-on-the-rise.html

CAs and Certificates Issued

https://www.csoonline.com/article/3187338/know-the-limits-of-ssl-certificates.html

Chrome's Root CA Policy

http://www.chromium.org/Home/chromium-security/root-ca-policy

PSP

https://cloud.google.com/blog/products/identity-security/announcing-psp-security-protocol-is-now-open-source