• 1 Post
  • 22 Comments
Joined 1 year ago
cake
Cake day: August 14th, 2023

help-circle




















  • ELI5 of certificates:

    The “s” in “https” in urls like “https://wikipedia.com” stands for “Secure”.

    When you connect to Wikipedia’s computer to read something, how do you know if the content you get back is what they actually sent and wasn’t altered by your friendly neighborhood hacker?

    Wikipedia can “sign” the content before sending it you. They also give you a certificate telling you how they have a particular signature which has been verified by someone else whom you already trust, and how long this particular signature is valid for.

    If a hacker tries to alter the document returned by Wikipedia, they wouldn’t be able to sign the document correctly. If they tried to give a certificate with a different signature too, you would catch it because they wouldn’t be able to fake the verification of the “someone you trust” so you’d catch the fake certificate.

    Browsers handle all this stuff for us. If it detects something fishy, it’ll just show an error along the lines of “could not verify certificate”. In some cases, it’s genuinely an issue where you/the website is under attack and you may get a virus.

    In some other cases though, it’s an issue of the certificate expiring and the guys at Wikipedia not being proactive about getting a new signature and certificate. If you are ABSOLUTELY CERTAIN that you’re just dealing with a lazy developer and not a malicious hacker, you can tell your browser to ignore whatever issue it detected and show you the content that was returned by Wikipedia.

    Thanks for attending my TEDx talk.