RedHat provides an extensive explanation of certificates, what they are, and how they authenticate web sites, servers, clients, or people.
The Linux Documentation Project provides a “how to” about SSL certificates.
Durumeric, Kasten, Bailey, and Halderman presented 2013 results of a large-scale analysis of certificates actively used by SSL/TLS sites.
Here are articles about the CA failures:
The site sslmate.com provides an extensive timeline of public key security failures, mostly involving public-key certificates.
To verify a web site’s identity, a browser uses a copy of the public key used by the authority that created the web site’s certificate.
Video notes: cys.me/vid/c13
Video #14 describes how web browsers handle the multitude of certificate authorities used today to sign web server certificates vimeo.com/208879048
The previous video describes the digital signature process vimeo.com/208191369
See the entire Cryptosmith series in its album vimeo.com/album/4229550