Validating a Public-Key Certificate

Video Notes

RedHat provides an extensive explanation of certificates, what they are, and how they authenticate web sites, servers, clients, or people.

The Linux Documentation Project provides a “how to” about SSL certificates.

Durumeric, Kasten, Bailey, and Halderman presented 2013 results of a large-scale analysis of certificates actively used by SSL/TLS sites.

Here are articles about the CA failures:

The site provides an extensive timeline of public key security failures, mostly involving public-key certificates.

Vimeo Description

To verify a web site’s identity, a browser uses a copy of the public key used by the authority that created the web site’s certificate.

Video notes:

Video #14 describes how web browsers handle the multitude of certificate authorities used today to sign web server certificates

The previous video describes the digital signature process

See the entire Cryptosmith series in its album