How are ssl certificates verified?

by

Here is a very simplified explanation:

  1. Your web browser downloads the web server’s certificate, which contains the public key of the web server. This certificate is signed with the private key of a trusted certificate authority.

  2. Your web browser comes installed with the public keys of all of the major certificate authorities. It uses this public key to verify that the web server’s certificate was indeed signed by the trusted certificate authority.

  3. The certificate contains the domain name and/or ip address of the web server. Your web browser confirms with the certificate authority that the address listed in the certificate is the one to which it has an open connection.

  4. Your web browser generates a shared symmetric key which will be used to encrypt the HTTP traffic on this connection; this is much more efficient than using public/private key encryption for everything. Your browser encrypts the symmetric key with the public key of the web server then sends it back, thus ensuring that only the web server can decrypt it, since only the web server has its private key.

Note that the certificate authority (CA) is essential to preventing man-in-the-middle attacks. However, even an unsigned certificate will prevent someone from passively listening in on your encrypted traffic, since they have no way to gain access to your shared symmetric key.

More Related Contents:

  1. What is the best way to check the strength of a password?
  2. What is tail call optimization?
  3. How does the Google “Did you mean?” Algorithm work? [closed]
  4. Algorithm for Determining Tic Tac Toe Game Over
  5. How to find all combinations of coins when given some dollar value [closed]
  6. Find kth smallest element in a binary search tree in Optimum way
  7. Finding out nth fibonacci number for very large ‘n’
  8. Programmatically obtaining Big-O efficiency of code
  9. How to read values from numbers written as words?
  10. What is the best way to get the minimum or maximum value from an Array of numbers?
  11. How does one convert 16-bit RGB565 to 24-bit RGB888?
  12. Is there an algorithm that tells the semantic similarity of two phrases
  13. Find the first un-repeated character in a string
  14. Undo/Redo implementation [closed]
  15. How can I programmatically determine how to fit smaller boxes into a larger package? [closed]
  16. Programming Riddle: How might you translate an Excel column name to a number?
  17. How to find convex hull in a 3 dimensional space
  18. fitting n variable height images into 3 (similar length) column layout
  19. Calculating the position of points in a circle
  20. Strategies for simplifying math expressions
  21. What are the differences between segment trees, interval trees, binary indexed trees and range trees?
  22. Time Complexity of two for loops [duplicate]
  23. Sign of a symbolic algebraic expression
  24. Image Segmentation using Mean Shift explained
  25. How to count integers between large A and B with a certain property?
  26. Why is depth-first search claimed to be space efficient?
  27. Shortest path to transform one word into another
  28. Algorithm to simplify a weighted directed graph of debts
  29. How can I convert between a double-double and a decimal string?
  30. Optimized low-accuracy approximation to `rootn(x, n)`

Leave a Comment