Security

• TLS, PKI, and Secure Protocols: How Encrypted Web Traffic Works · 2025-11-18

  A deep technical guide to TLS, certificate validation, key exchange, record protection, modern cipher suites, TLS 1.3, QUIC, and practical deployment best practices for secure networked applications.

• CHERI and Capability Hardware: Memory Safety at the Gate Level · 2025-03-11

  How CHERI Concentrate compression, the load barrier for temporal safety, and the Arm Morello prototype are reshaping what it means to build a secure processor — and why formal verification of capability integrity is the hard part.

• Software Supply Chain Security: SBOMs, Sigstore, Reproducible Builds, and Attestation · 2022-04-19

  An in-depth guide to securing the software supply chain: SBOMs, provenance, Sigstore, SLSA, reproducible builds, code signing, and operational best practices.

• Trusted Execution: Intel SGX Enclaves, AMD SEV-SNP, Attestation Protocols, and the Confidential Computing Promise · 2021-03-25

  A deep exploration of trusted execution environments — how SGX and SEV encrypt computation, the attestation protocols that verify enclave integrity, and the promise of confidential computing that protects data even from the cloud operator.

• Capability-Based Security: CHERI Architecture, Hardware Capabilities, Spatial and Referential Safety, and Compartmentalization · 2021-02-26

  A deep exploration of the CHERI capability architecture — how hardware-enforced capabilities provide spatial memory safety, referential integrity, and fine-grained compartmentalization at the instruction level.