Differences

This shows you the differences between two versions of the page.

--- ssl_overview [2016/05/10 15:56] – created luke7858
+++ ssl_overview [2024/05/23 07:26] (current) – external edit 127.0.0.1
@@ Line 19: / Line 19: @@
 \\
 \\
-Client encrypts message with a public key supplied by the website that ONLY the server can decrypt!!
+Client encrypts their messages with a public key supplied by the website that ONLY the server can decrypt with their private key
 \\
 NOTE: This private key needs to be stored in a safe location on the server with the correct permissions and so it is NOT accessible by anyone outside the server
@@ Line 25: / Line 25: @@
 \\
 == Step 2 ==
-To prevent an attack on the certificate, this cert is cryptographically signed by someone else's private key so that the signature can be verified by anyone who has the corresponding public key.
+To prevent a 'man-in-the-middle' attack on the certificate, this cert is cryptographically signed by someone else's private key so that the signature can be verified by anyone who has the corresponding public key.
 \\
+== Certificate Authorities ==
+Certificate Authorities (CA) sells their private key as a service to sign certificates for companies.
+\\
+A private key from a vendor such as 'Thawte', 'Verisign' etc can be used as nobody else can gain access to this key. NO one can forge their signature.