Jan 7 2024 Much like a previous talk of mine at Chaos Computer Congress this blog post is a direct write-up of a talk, if you prefer to consume this kind of content in video form you can watch the video here: When you connect to a TLS server you will generally get a certificate chain back ( added emphasis on the chain part of that). The server sends a set of x509 certificates that on one end is a certificate that concerns the domain that you are connecting to, and (most of the time) the other en...