Slower than expected
I got sick, so that put a damper on things. And watch was a little busier than expected. So I’ve fallen behind.
Firstly and most importantly, and perhaps unsurprisingly, the quality of the course plan is not very high. Claude has me reading entire RFCs. Ok, I’m not sure that’s the best way to learn something. I find RFCs not to be written for the uninitiated at all. You kind of have to know your way around before diving into one of these. I mean, it’s interesting, but I don’t understand most of it.
So I’ve really had to supplement a lot, and I’m just using the slides as a sort of “touch point” for what I should be learning, not necessarily following the plan to the letter.
Secondly, I’m not sure if the pace is very realistic. Perhaps I’m trying to learn TLS a little too deeply, and therefore moving too slowly, but it was my intention from the beginning to learn TLS at a very deep level. So I’m watching lectures on cryptography – (this series, very good btw):
– and trying to get a firm grasp on what the heck modulo math is (I know the modulo operator, but modulo math involves number theory, with which I am painfully unfamiliar) before trying to understand the Diffie-Hellman Key Exchange, fundamental for TLS.
I have managed to gain a rudimentary intuition for what is happening in TLS however, and a very, very superficial understanding of the differences between TLS 1.3 and its predecessors. I’ve found the “paint-mixing” metaphor very useful as a mental model for how a shared key can be determined in public while also preventing eavesdroppers from figuring it out. But the math of it still evades my understanding by a good mile or two.
All that said, I am confident that what matters most is not keeping up with the plan that my AI assistant made (that would be a silly thing to prioritize) but that I’m systematically approaching an important topic in software and gaining a deep understanding of it. And I do feel that the “depth-first-search” approach I’m taking has served me well in the past. As a matter of fact, I happen to think that approaching a topic differently (i.e., to continue the imperfect analogy, a “breadth-first-search” approach), yields a sort of understanding that is both flimsy and fleeting, and is more likely to be off the mark. To put it simply, if I don’t understand fully what a high-level overview is referring to when they say ECDHE vs. RSA, reading that part of the overview is kind of a waste of my time.
To argue with myself however, a “BFS” approach has its merits in some cases. Sometimes you do just need a rough and ready sketch of something rather than a fully complete mental model. If I were to go down every single rabbit hole I’d never get anything done.
But for this, my goal is a deep understanding, so I’m going to go down every rabbit hole. We’ll see, I may feel differently in the next report!