Digital Certificates: Chain of Trust

Показать описание

This video explains how an Certificate (such as an SSL type) is validated by a client. Concepts discussed are digital signatures, Root CA and Intermediate CA.

This is the 3rd video in a series on encryption and certificates: Other videos are:
Introduction to encryption
Introduction to Digital Certificates

Dave Crabbe

Рекомендации по теме

Комментарии

At 14:27, you will see that the CNNIC cert is indeed listed in the keychain of the macOS (an oversight by me). However, built into browsers is a "black list" where the browser itself can invalidate a root certificate. So when Google found the breach, it added code to the next update of its browser that will effectively revoke CNNIC's root cert even though one appears in the operating system's certificate storage area. When users launched Chrome, it will search for an update.. when one exists it installs the new code and .. there.. that certificate is revoked and so Chrome will no longer validate CNNIC's certs. I believe that browsers have both white and black lists of root certs built into their code so they can add root certs, if they don't think one exists in the OS, or invalidate root certs. But all OSes have a central storage area for CA root certs so browsers don't need to store a complete list.

davecrabbe

This has to be the clearest, melodrama-free explanation of digital certificates on YouTube. Thank you for taking the time to explain this.

jimgloriavaughn

I finished my IT studies 2 years ago and never got clear in certificates understanding. Now I wanted to acquire this competence once for all. Watched many videos, still didn't get the thing. Then I found yours. This is masterpiece explanations, everything is now crystal clear into my mind. Most of the videos skip steps so it's not understandable. Thank you so much for this high quality lesson.

Ilitan

This is by far the best explanation on Certificates.

subrahmanyammamidi

One piece of information missing in this video that will be helpful: Data encrypted with the public key can only be decrypted with the private key, and data encrypted with the private key can only be decrypted with the public key. So notice that the hash of the SSL certificate is encrypted with the private key and can only be decrypted with the public key.

osirioncomputing

clear explanation without using any fluff or word salad, straight to the point! thank you!!!!

sahilsapra

Amazing explanation. What I couldn't understand for over 2 months was water clear in less than 30 minutes. Thanks.

messiweltmeista

Searched the Google, searched YouTube didn't find a good explanation of certificate for beginners, THIS VIDEO IS GEM IT HAS ALL THAT A BEGINNER NEED TO UNDERSTAND. THANK YOU FOR THE VIDEO!!!

ashayfernandes

Thank you Dave, excellent explanation!! Clear and direct. Agreed that this is the best chain certificate explanation I´ve ever seen to date.

MrEdgaravi

Excellent explanation! Searched everywhere to lean more about how the chain of trust worked in detail - finally found it here! Thank you!

ValliNayagamChokkalingam

I had so many doubts / confusion about digital signature and how it works, now i understood completely, thanks for the nice explanation

surendrababu

This is great and simple, finally someone covers how the certificate is verified to actually be from the specific CA.

thabangmasigo

Awesome tutorial. I am struggling to understan the chan of trust since ages and today this tutorial has cleared all my doubts. It made my day. Million of thanks to Dave. Long live and god bless you.

anilkommalapati

I'd like to echo what others have already said and thank you so much for such a clear explanation of this process. I have been able to explain PKI principles to colleagues from the knowledge learnt in this video. I've been an IT professional for the past 9 years and PKI principles have never really stuck but this one made the penny drop. Excellent work.

sharpie

Straight forward and comprehensive explanation. This is the only resource on the topic that made sense to me and filled in all the gaps.

jmrah

thanks for taking the time to post these videos. i'm a network engineer and your teaching and explanations are excellent! appreciate it!

dennisyi

Finally! found some quality material... and it was free. thanks

pja

The best explanation ever I've faced about "Chain of Trust".
By the way, you have the root certificate of CNNIC on your browser. :)

magawla

Sir, the video is simply perfect. I work in IT, I dont play a lot with certs or CA but this was to the point where i had enough to do my job. Thanks :)

philipperivest

This is the best explanation so far on the internet

AnhNguyen-vumc

Digital Certificates: Chain of Trust

Digital Certificates: Chain of Trust

Root Certificates vs. Intermediate Certificates Explained

SSL Chain of Trust | How SSL Chain Works | Root Cert, Intermediate Certificate, Server Certificate

Digital Certificates Chain of Trust

SSL Certificate Chain Explained (Game of Thrones style)

PKI - trust & chain of trust -why, who and how?

Certificates from Scratch - X.509 Certificates explained

Digital Certificates: Chain of Trust | Self-Signed Cert, Root Cert, Intermediate Cert, Server Cert

Fearless Data Protection: CCNA Security SSL/TLS

What are SSL/TLS Certificates? Why do we Need them? and How do they Work?

Intro to Digital Certificates

Key Players of SSL & TLS: Client, Server, Certificate Authority (CA) - Practical TLS

What are Digital Signatures? - Computerphile

PKI Bootcamp Basics of Certificate Chain Validation

Why digital certificate?

Certificates and Certificate Authority Explained

Digital Certificates Overview

How does HTTPS work? What's a CA? What's a self-signed Certificate?

AZ 204 — X509 Chain of Trust

How Does a Browser Trust a Certificate?

Applied Cryptography and Trust: 6. Digital Certificates and Trust

Cacert | Trust Store | Key Store in 3 minutes

Certificates - CompTIA Security+ SY0-701 - 1.4

Chain of Trust in einer PKI | Sicherheit im Netzwerk