I finally know how RSA + Diffie-Hellman (ephemeral; a new word for me, it means 'very short amount of time') avoids a man in the middle.
At first I thought a third party could become a man in the middle if it's Diffie-Hellman alone. Even when RSA (public/private keys) is added, a man in the middle could still be slipped in.
So how does it avoid this kind of thing?
The way it works: on my device there is a list of public keys that I trust. This is what's called a network certificate, a Certificate Authority. It is literally a list stored on your device, and supposedly it can only be updated through Windows Update or whatever, depending on the device. On Linux, this is stored in /etc/ssl/certs.
So when there's a public key from a server or whatever, I match it against the CAs on my device, and if it's there, i.e. listed, then I can trust it and I know that whoever sent it really is that server.
Contents of a CA file
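The check described above, as an added toy example in Python (not from the original post or the video): the client accepts a signed ephemeral Diffie-Hellman value only if the signature chains back to a key on its trusted list. It goes slightly beyond the post by modelling the chain TLS uses, where the trusted list holds CA keys and the CA signs the server's key. Every name, key and number here is constructed and far too small for real use.

```python
import hashlib
import secrets

E = 65537                     # RSA public exponent
DH_P, DH_G = 2**32 - 5, 5     # constructed toy DH group, far too small for real use

def rsa_keypair(p, q):
    """Toy RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

# Constructed toy keys (Mersenne primes): a CA, the real server, a man in the middle.
CA_N, CA_D = rsa_keypair(2**61 - 1, 2**31 - 1)
SRV_N, SRV_D = rsa_keypair(2**89 - 1, 2**19 - 1)
MITM_N, MITM_D = rsa_keypair(2**17 - 1, 2**13 - 1)
TRUSTED_CAS = {CA_N}          # stands in for the list under /etc/ssl/certs

def make_cert(name, subject_n, issuer_n, issuer_d):
    """Certificate: the issuer's signature binds a name to a public key."""
    sig = sign(f"{name}:{subject_n}".encode(), issuer_n, issuer_d)
    return {"name": name, "n": subject_n, "issuer": issuer_n, "sig": sig}

def server_hello(cert, key_n, key_d):
    """Fresh (ephemeral) DH public value, signed with the sender's RSA key."""
    dh_public = pow(DH_G, secrets.randbelow(DH_P - 2) + 1, DH_P)
    sig = sign(str(dh_public).encode(), key_n, key_d)
    return {"cert": cert, "dh": dh_public, "sig": sig}

def client_accepts(hello, expected_name):
    """Accept the DH value only if it chains back to a key on the trusted list."""
    cert = hello["cert"]
    signed_body = f"{cert['name']}:{cert['n']}".encode()
    return (cert["issuer"] in TRUSTED_CAS
            and verify(signed_body, cert["sig"], cert["issuer"])
            and cert["name"] == expected_name
            and verify(str(hello["dh"]).encode(), hello["sig"], cert["n"]))

if __name__ == "__main__":
    real = make_cert("example.test", SRV_N, CA_N, CA_D)
    print(client_accepts(server_hello(real, SRV_N, SRV_D), "example.test"))    # real server
    print(client_accepts(server_hello(real, MITM_N, MITM_D), "example.test"))  # swapped DH value
```

A man in the middle can copy the real certificate, but cannot sign a replacement DH value with the server's private key, and a certificate it signs itself does not chain to the trusted list.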
thanks to this comment, from this video