TLS Mastery updates, August 2020

Solar systems form out of vast clouds of particles and gas. Motes of dust aggregate, drawn together by their own minuscule gravity over innumerable aeons. Those aggregates creep near other aggregates, eventually colliding into heavier masses, and their combined gravity draws yet more matter. A cosmic observer with a really compressed sense of time would see nothing happen for millennia, then there would be a huge rush as all this matter sucks itself together and becomes so heavy that the innermost atoms are compressed into involuntary thermonuclear fusion. It looks quick, but most of the progress is invisible.

Writing this book is a lot like that.

I’ve used TLS and SSL for decades. I have debugged errors and battled bogus certificate chains. I have screamed the vilest obscenities at SSL Labs for daring to expose my weaknesses and, like every other sysadmin, have doused browser developers in kerosine as they slept and set them on fire. I had a good working knowledge of TLS, but writing about it demanded a deep plunge.

So: the book is about a quarter written.

Most of my time has been spent aggregating tiny details into facts, building those facts into knowledge, and fitting my experience into that knowledge. I’m not going to jinx myself by publicly declaring that I expect the mere writing to go quickly, of course, but I feel I have some decent aggregate chunks and am ready to start throwing them together.

The Princess Bride motif I was considering seems to be a natural fit. Which is good, because if a motif doesn’t fit naturally it’s the wrong motif. My subconscious brain recognized the suitability before my conscious mind did. (Weirdly, John Carpenter films would have also fit well. I did cosmic horror for the SNMP book, however, so my beloved Carpenter must wait for another suitable title.)

Some bits, of course, won’t fit. A stray comment from Ray Percival reminded me that this book doesn’t mention my personal favorite Great Evil: Oracle. You might not have noticed, but Oracle has exerted great efforts to earn my personal loathing. The conversation ed1conf and I had on the Great Beast is irrelevant to TLS.

“You’ve heard of Informix? DB/2? SQL Server 2019?”



“In that case I challenge you to a battle of integrity.”

“For the database?”


“To the death?”


“I accept!”

“Good. Then open your console. Read this, but do not click «agree».”

“I comprehend nothing.”

“What you do not comprehend is called a EULA. It is odorless, tasteless, devolves instantly into legalese, and is among the more deadlier poisons known to man.”

(deploys system)

“All right: where is the liability? The battle of wits has begun. It ends when you decide and we both click «agree», and find out who is right and who is sued.”

(much later)

“They all had a EULA. I spent the last several years building up a mastery of Postgres.”

You can still sponsor TLS Mastery either at the print level or ebook level. Don’t wait too long if you’re interested. The dust cloud is coming together faster and faster, and once fusion hits it’s all over.

Stalk me on social media