Julia Evans does it again. If you ever wanted to understand SSL certificates, her post “Dissecting an SSL certificate” is for you. This part made me smile:
Picking the right settings for your SSL certificates and SSL configuration on your webserver is confusing. As far as I understand it there are about 3 billion settings. Here is an example of an SSL Labs result for mail.google.com. There is all this stuff like
OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
on that page (for real, that is a real thing.). I’m happy there are tools like SSL Labs that help mortals make sense of all of it.