GREAT video explaining digital certificates, thanks!!!
@devcentral
6 жыл бұрын
we are glad you found it helpful!
@darshanpurohit2757
5 жыл бұрын
@John perfact explanations in all tutorials!!! Learning from u thanks
@devcentral
5 жыл бұрын
glad you enjoy them!
@romeotango2676
6 жыл бұрын
Great video. Thanks for valuable information.
@devcentral
6 жыл бұрын
glad you enjoyed it!
@SwarnadeepNandy
5 жыл бұрын
Really awesome informative video. No bulshiting around, direct to the point information. Too good. I would request you to make a video on mutual authentication.
@devcentral
5 жыл бұрын
glad you enjoyed it!
@adarshrao1692
5 жыл бұрын
@@devcentral yes, mutual authentication
@Dvach_Hikka
6 жыл бұрын
Love your lessons.
@devcentral
6 жыл бұрын
glad you are finding them helpful!
@AmolGautam
3 жыл бұрын
Very helpful for interview preparation.
@devcentral
3 жыл бұрын
I'm glad it was helpful...and I hope you did well in the interview!
@oklasibai
5 жыл бұрын
it really helps me to understand better thanks!
@devcentral
5 жыл бұрын
glad you enjoyed it!
@manojgudimalla
5 жыл бұрын
Thanks for valuable information.
@devcentral
5 жыл бұрын
glad you enjoyed it!
@sunilkataria7439
6 жыл бұрын
My workstation is in a private network and does not have any Internet access. I then allow this workstation to access one https site (only one https site). Will it work, because my workstation can’t access URL given in the AIA (Authority Information Access) of digital certificate?
@dhanushm419
6 жыл бұрын
great video!!
@devcentral
6 жыл бұрын
glad you enjoyed it!
@gamerluke7
4 жыл бұрын
Thanks for the informative video, John. Though I am just wondering, what is benefit of generating the hash and then running the signature algorithm with that hash, rather than the entire contents of the certificate? Thanks
@devcentral
4 жыл бұрын
Hi Luke...great question! The reason for signing the hash is because of the resources it would take to sign the full contents of the certificate. It's much faster to hash it and then sign the hash. So, it speeds things up significantly to do it this way. You know how users are...they want stuff fast! No one wants to sit there and watch their favorite web page spin for a few minutes while the security mechanisms are at work in the background. Thanks again for the great question!!
@zenchiassassin283
4 жыл бұрын
@@devcentral do you have a video on Station to Station protocol?
@devcentral
4 жыл бұрын
@@zenchiassassin283 not at this point, but we can look at recording one. thanks!
@scottbiggs9846
3 жыл бұрын
How does the client know that the AIA is legitimate? It's the first thing I'd to when luring people onto my website--send them to one of my other websites for verification! Similar for the CRL.
@devcentral
3 жыл бұрын
Thanks for the great question/observation! The legitimacy of the AIA (and the other pieces of the certificate) really relies on the authenticity of the contents of the certificate being genuine. And this relies on the authenticity of the Certificate Authority creating a valid certificate that has all the correct (accurate) information in it. This is why it's important that the Certificate Authority (CA) sign the certificate and prove that all of its contents are genuine and correct. And, it's also important that the client (browser) interacts with certificates properly. So, in your example, if an attacker wanted to modify the URL of the certificate revocation location, then the attacker would need to figure out a way to modify that portion of the certificate without changing the hash value of the certificate from the CA. And, this relies on the strength of the hashing algorithm used to create the hash and sign the certificate. It's all a series of trust in processes/algorithms that we collectively believe to be reliable and trustworthy. Thanks again...and great observations!
@rahulreddy7513
4 жыл бұрын
Certificate also has the actual signature of CA using CA private key after hashing the entire content you mentioned . Isn’t it ?
@devcentral
4 жыл бұрын
Great question! Yes, the CA will typically sign the certificate using their private key so that the users will know that the cert is from the legitimate CA that it claims to be from.
@Rajuvadarevu
4 жыл бұрын
AIA is also https hosted, so it will have its own Digital Certificate which will contain another AIA, and that will contain another Certificate. So when this chain will stop ?
@scottbiggs9846
3 жыл бұрын
Yes, time has stopped while waiting for this question to be answered!
@adarshrao1692
5 жыл бұрын
thanks man. Quick question.. When we say certificate authentication, what are the things which are checked before authenticating ?
@devcentral
5 жыл бұрын
Hi Adarsh, great question! Typically, a client (browser) will check the server's certificate for expiration date, signature from valid CA, and valid cert chain before it will connect to the web server. If any of these things are not an expected value, then it will show a warning page to the user (cert invalid, cert expired, etc) and make the user accept the security risk before proceeding to the site.
@adarshrao1692
5 жыл бұрын
@@devcentral thanks.. My question was more with respectto Mutual auth. In mutual auth what parameters are generally checked to perform a succesful authentication connection
@MrMShake
3 жыл бұрын
does the certificate include the domain or even IP address of the server? if not how does the client verify identity if the certificate does not state it?
@devcentral
3 жыл бұрын
Great question! Yes, the certificate includes the domain name (or sometimes multiple domain names) of the server, so the client can match the identity.
@goodev
2 жыл бұрын
@@devcentral Yes, the domain information was missed on the whiteboard, and it was an important piece, imo. Also, it is not clear about the hash signature. What is used to create the hash and how exactly the hash is used? Is the hash signed? If the browser is verifying the certificate, would they need to generate the hash from the body of the certificate, use the public key to encrypt it and then compare it against the signed hash value in the certificate? Or is the hash use in any other way? Also, what is a certificate thumbprint?
@vivekchavan3170
4 жыл бұрын
Is this video mute?
@devcentral
4 жыл бұрын
Just checked it out and sound is working fine.
@juanjoseaguero6539
5 жыл бұрын
full theory....it would be better if you show some practical ...the protocol in real life action!
@anirudhreddybasani3555
5 жыл бұрын
just click on the lock symbol which on the left side of the search bar. Then click on certificate, go to details..there you will see all the details of the certificate practically for this youtube page.
@uncensoredx6291
7 жыл бұрын
How the hell u are writing...man are u writing backwards on mirror
@MikeDeanOfficials
7 жыл бұрын
Uncensored x they have done a video on it. Check dev central
@krs357
6 жыл бұрын
Dude's a wizard!
@sunilkataria7439
6 жыл бұрын
My workstation is in a private network and does not have any Internet access. I then allow this workstation to access one https site (only one https site). Will it work, because my workstation can’t access URL given in the AIA (Access Information Access) of digital certificate?
Пікірлер: 47