
Ask HN: Any tools to force TLS handshake to use “more secure” network? - plastroltech
Hey I&#x27;m not a security engineer but it occurred to me that when using an unsecured public WIFI network the real concern is in doing the initial TLS handshake over that network. My question is - If I switch my laptop to use a tethered network via my cellphone prior to hitting an HTTPS website and then switch it back to using the public WIFI after the connection has been established would I be improving my security while gaining the benefit of higher speed and cheaper wifi access (as opposed to doing the whole thing via the tethered connection)? If so are there any tools to handle this automatically?
======
wmf
_the real concern is in doing the initial TLS handshake over an unsecured
public WIFI network_

No, this isn't a concern due to PKI. (If you disagree with PKI you should stop
using the Internet completely.)

 _If I switch my laptop to use a tethered network via my cellphone prior to
hitting an HTTPS website and then switch it back to using the public WIFI
after the connection has been established_

This isn't possible because you have different IP addresses on those two
networks and once a TCP connection has been established on one IP address it
can't be moved to a different one.

~~~
plastroltech
WRT the second point, since HTTP is stateless doesn't it make a new connection
for every request via whatever network is available?

~~~
wmf
And each connection makes a new TLS handshake.

