1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# Useful Reading list for s2n-tls
## Books
* [Bulletproof SSL and TLS](http://www.amazon.com/Bulletproof-SSL-TLS-Understanding-Applications/dp/1907117040/) - great book by Ivan Ristic.
* [Implementing SSL / TLS using Cryptography and PKI](http://www.amazon.com/Implementing-SSL-TLS-Using-Cryptography/dp/0470920416/) - by Joshua Davies.
* [Introduction to Modern Cryptography, 2nd ed](http://www.amazon.com/Introduction-Cryptography-Chapman-Network-Security/dp/1466570261/) - Katz and Lindell
## RFCs and specifications relating to TLS/SSL
* [SSLv2](http://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html)
* [SSLv3](https://tools.ietf.org/html/rfc6101)
* [TLS 1.0](https://tools.ietf.org/html/rfc2246)
* [TLS 1.1](https://tools.ietf.org/html/rfc4346)
* [TLS 1.2](https://tools.ietf.org/html/rfc5246)
* [AES GCM for TLS](https://tools.ietf.org/html/rfc5288)
* [ECC cipher suites for TLS](https://tools.ietf.org/html/rfc4492)
* [TLS extensions](https://tools.ietf.org/html/rfc6066)
* [Application-Layer Protocol Negotiation Extension](https://tools.ietf.org/html/rfc7301)
* [TLS 1.3 draft specification](https://github.com/tlswg/tls13-spec)
* [SSLv3 is deprecated](https://tools.ietf.org/html/rfc7568)
* [Certificate Transparency](https://tools.ietf.org/html/rfc6962)
## ASN.1 and X509
* [X.509 PKI](https://tools.ietf.org/html/rfc4210)
* [X.509 PKI and CRLs](https://tools.ietf.org/html/rfc5280)
* [Layman's Guide to ASN.1](http://luca.ntop.org/Teaching/Appunti/asn1.html)
## Interesting implementations
* [MiTLS](http://www.mitls.org/wsgi/home) , and [TLS Attacks](http://www.mitls.org/wsgi/tls-attacks) in particular.
* [GoTLS](http://golang.org/pkg/crypto/tls/) - TLS as implemented in the Go programming language
* [OpenSSL](https://www.openssl.org/) - ubiquitous and reference implementation
* [LibreSSL](http://www.libressl.org/) - fork of OpenSSL maintained by a team from OpenBSD
* [BoringSSL](https://boringssl.googlesource.com/boringssl/) - fork of OpenSSL maintained by Google Security team
* [NSS](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS) - maintained by Mozilla, used by several browsers
* [AWS LibCrypto](https://github.com/awslabs/aws-lc) - Fork of BoringSSL maintained by Amazon
## Mailing lists and forums
* [IETF TLS Working Group](https://datatracker.ietf.org/wg/tls/charter/)
* [IETF CRFG](http://www.ietf.org/mail-archive/web/cfrg/current/maillist.html)
## Videos and tutorials
* [AWS re:Invent 2014: SSL with Amazon Web Services](https://www.youtube.com/watch?v=8AODa_AazY4) - nuts and bolts overview of SSL/TLS
* [AWS re:Invent 2016: Amazon s2n: Cryptography and Open Source at AWS](https://www.youtube.com/watch?v=APhTOQ9eeI0)
* [AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst of Controls](https://www.youtube.com/watch?v=zmMpgbIhCpw)
* [AWS re:Invent 2016: Automated Formal Reasoning About AWS Systems](https://www.youtube.com/watch?v=U40bWY6oVtU)
* [AWS re:Invent 2017: The AWS Philosophy of Security](https://www.youtube.com/watch?v=KJiCfPXOW-U)
* [AWS re:Inforce 2019: Cryptography in the Next Cycle](https://www.youtube.com/watch?v=iBUReOA8s7Y)
* [AWS re:Invent 2019: It’s always day zero: Working on open source and security](https://www.youtube.com/watch?v=3Me_eapZ1bI)
* [AWS re:Invent 2019: Leadership session: AWS security](https://youtu.be/oam8FDNJhbE?t=2481)
* [AWS re:Invent 2020: Building post-quantum cryptography for the cloud](https://www.youtube.com/watch?v=_GSDUXPpSgc)
* [An AWS approach to post-quantum cryptography](https://www.youtube.com/watch?v=ixn3A7htBnw)
* Illustrated Walkthrough of the entire TLS 1.2 Handshake: https://tls12.ulfheim.net/
* Illustrated Walkthrough of the entire TLS 1.3 Handshake: https://tls13.ulfheim.net/
## Miscellaneous
* [NIST SP 800-90A](http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf)
* [DJBs crypto page](http://cr.yp.to/crypto.html)
* [DJBs entropy attacks](http://blog.cr.yp.to/20140205-entropy.html)
* [NaCL](http://nacl.cr.yp.to/) and [libsodium](https://github.com/jedisct1/libsodium)
* [spiped](http://www.tarsnap.com/spiped.html)
|
