How certificates actually work
Vložit
- čas přidán 20. 05. 2024
- In this video, I explain how TLS/SSL certificates and HTTPS work along with why we need it.
00:00 Intro
01:00 Symmetric Key Encryption
1:43 Asymmetric Key Encryption
2:28 Creating Secure Connection
4:54 What's a Certificate
5:45 Digital Signatures
6:53 How Certificates are created
7:37 How Certificates work
8:56 Chain of trust
This video is awesome!!!
Excellent explanation
merci a tout video ❤
woooooow this is so so so good
We've been doing all that SSL certificate stuff for more than 2 decades so none of it explains why Google removed the padlock icon in Chrome. Also in a counter argument against your reasoning, Chrome still notifies users when a website doesn't use a certificate/SSL or if the certificate being used is invalid for some reason so they are still notifying users whether a site is secure or unsecure which leads to perceptions of safe and unsafe.
What I heard about Google wanting to remove the padlock icon - I heard this news before the icon was removed - was that because virtually every site was using SSL/TLS that always seeing the padlock became meaningless and redundant so they removed it so that when people saw the icon elsewhere or in the future it would be meaningful instead of merely typical.
Hi, great explanation! I just have a question. Can a malicious site sent a certificate that exactly like Netflix? With the same Subject, Subject Public Key, Issuer Name & Signature? Because all those infos seem to be public?
Hi, they certainly could, but the malicious actors wouldn't know the private key. So when the secret is encrypted with the public key and sent over to the bad actor, they wouldn't have the private key (that only Netflix has) to be able to decrypt the ciphertext. Since they can't decrypt the message, the connection wouldn't succeed.
Hope that helps!
@@BetaToProd Indeed, thank you