A Matter of Trust

We need to have a conversation about trust if you are going to be using services on securing labs cloud. You are going to get allot of conflicting messages about 'security', warnings, that are actually harmless if you understand how we establish trust with Securing Labs.

For simplicity sake, Securing Labs uses web based applications as a consistent way to interact. The goal is to reduce requirements of the user to needing a web browser, and a certificate for authentication and protection of data. The challenge comes down to establishing a way of exchanging trusted data, such that the user can easily authenticate, access and protect their communications with Securing Labs.

[info] Information

When using Securing Labs cloud services, various domains related to service offerings will attempt to create private TLS encrypted sessions, but with warnings in your browser. When connecting to Securing Labs Cloud, these warnings are informational and do not present a real threat.

Securing Labs Cloud has private certificates for the following publicly available domains:

• securinglabs.online
• seclab.cloud
• seclab.ninja
• seclab.fail

For the authentication and protection of users in Securing Labs, most services require an encrypted channel to be accepted by the user from an unknown certificate. This document will assist you in understanding what that means, and how to manage the trust relationship.

Since we do not have 3rd party validation of our domains, user level access to private Securing Labs services must first be sponsored by a current Securing Labs Cloud user, and then validated by phone. Once confirmed, this document will describe how to manage your access with only a certificate and a web browser.