Computer Systems Security: Winter 2018 Assignment 2
Please answer the following questions. There are ?? questions with ?? points. Submit your answers as a text or PDF file via cuLearn by February 28, 2018 at 10:00 AM. Be sure to put your name and student number at the beginning of your submission.
When answering each question, please indicate the sources of your answer. This could be a man page, your own experiments, discussion with a friend, or a website. Please list all your sources. You are allowed to collaborate; such collaboration should be clearly documented! If you already know an answer because of background knowledge you had before the class, that is fine, just state that this is the case.
Questions
- [2] Explain what a certificate is, in relationship to public keys, digital signatures, and other characteristics.
- [1] How does ssh verify the identity of remote hosts?
- [1] How do web browsers verify the identity of remote websites when connecting via TLS?
- [2] What is the threat model behind the design of the browser sandbox? Specifically, what kinds of attacks does the browser sandbox prevent (assuming it works as designed), and what kinds of attacks does the browser sandbox not prevent?