Finally... a perfect, on-point, explanation for how CA certs are used to validate the source's public asymmetric key. Namely, comparing a decrypted "signature" (hash) using the CA's public key with a hash of the remaining certificate components. Excellent. Thanks.

Simply excellent. In a short 3 mins video, explain digital certificate to its core and better than any other much longer videos out there.

This is an excellent explanation on how a browser validates authenticity of a certificate. A must see video. I could not find better explanation anywhere else.

Thanks for the video, You explained clearly in 3 minutes

Man this is the exact video I was looking for. Such a simple explanation. Thank you very much sir.

This is great explanation, clear, accurate!

The Title is a little bit misleading but through the thumbnail i understood that the content of the video was exactly what i was searching for, sir please change the title to something like How Digital Signatures are used with Digital Certificates, this will help many people as your video really explains the key concepts of this, thank you very good job!

I thought we were talking about Digital signatures not certificates.

@amitkoren948

5 жыл бұрын

Digital Signatures are usually used to verify certificates. This is a simple, quick and clear explanation of how it works. Maybe you confused digital signature with electronic signature?

@eanerickson8915

3 жыл бұрын

To verity the signature you need to verify the signers public key. You do this by checking the certificate.

@kimjongun5073

3 жыл бұрын

haha, I only realized the title was Digital Signature after reading your comment!!

I can not understand someone speaking English, but their diagram is enough to understand the process. Congratulations! Thank you!

Thanks, i was always confused about how the certifiacte is verified, but you make this very clear (with the public key by the CA decrypting the signature and then comparing the so revealed hash with the hash you generate from the payload of the certifiacte).

The video answered my questions about the certificate authority topic.

engineer what do you thing of proof of signature protocol in XBY xtrabytes blockchain ecosystem?????

A part of the diagram that I found confusing was the attachment of the 'Signed certificate' rectangle at the bottom of the ID, Bob's public key, CA information. An improvement would be to include a separation between the CA information block and the Signed certificate block.

@weisanpang7173

2 жыл бұрын

The signature is part of the certificate, that's why there are shown together. Showing them separately would be misleading.

Thanks for the video. One naive question. How Alice would extract the Bob's Id, Public Key and CA information from a signed certificate?

@mikexue5104

4 жыл бұрын

only part of certificate(the lower shadow part shown in above diagram) is signed by CA, the other part is in clear human readable format. if hash (clear human readable part) == decrypt(signed part), then authenticity of certificate is true, otherwise the certificate is a forged one

i got a question. alice receives the certificate and with that also the info's like bob id, bob public key and ca info. then she compares the hashed infos with the decripted certificate ?

This is very well explained. I've had problem with one thing only, I didn't hear explicitly mentioned that CA send the signed hash of the message ALONG WITH the message (unhashed, unsigned) itself, so Alice receives the 4 part middle block in video, she calculates hash of message and decrypts signature, than compares hashes of the two.

Thank you for your great explanation.

Can I have a question? In all docs I have read the private key is only for decrypting but your demo shows encrypting private key for signature. So what is true ? :-)

@kornelijekovac9793

4 жыл бұрын

Private and public keys work in pair. What you encrypt with one, you can only decrypt with another. Since public key is already available to everyone, it is practical for the Authority to use it's private key to do something with certificate, since everyone can decrypt it and make sure that they are the one who certified. If we're talking about two-way communication, it is of no use for any server to send you data encrypted with their private key, since everyone can decrypt that data.

Is the certificate encrypted by CA or is it clear text and just the CA signature that is encrypted?

Easy to understand, great video!

thanks for the diagram, it was good

The user must compare hashes in the end, but how does the end user know what kind of hash to perform on the original unsigned certificate so that it will match the original hash? Is this information also stored in the unsigned certificate?

Great video. Explained very well

is there any pythonproject for this explanation ?

Good and clear explanation with 1 flaw in the last diagram. Public key is used to encrypt and Private key is used to decrypt only as opposed to what is shown in the diagram with CA public/private key. Please let me know if I am wrong. Thanks

@AneeshKarve

6 жыл бұрын

No, the whole point of PK infrastructure is that the public key can be used by anyone to verify the signature.

public key can be used to decrypt data encrypted by private key and vice versa.

2:29 commonly encryption is always done with public key. This this is very rare just wanted to confirm. CA's private key used for encryption.

@rajasekharkoduri

Жыл бұрын

Yes, signatures are always created by encrypting the data using the private key.

But to decrypt message attackers need bob's private key(asymmetric type), so they can't extract data right?

@kimjongun5073

3 жыл бұрын

The message has two parts: cleartext part (Bob's name, public key, CA's info, etc.), and signature. The signature was encrypted with CA's private key, and can only be decrypted with CA's public key which Alice can request based on CA's info. Maybe you can check out some videos on digital signature, it uses asymmetric encryption reversely.

What I found confusing, is when you say CA private key and CA public key, do you mean those are Bob's key? What are CA keys?

great video, thanks!

but how the recepient will verify the signature ??

thanks, short and clear 👍

What would happen if the data sent to B were all encrypted together?

a little to fast, but still very good!!!

Nice explanation, got some points though for accuracy: 1- The video needs to be renamed to something that is more relevant to public key certificates 2- CA's private key is COMBINED with the hash code to generate the digital signature, it is NOT used to encrypt the hash code 3- CA's public key is used to EXTRACT the message digest (hash code), it is NOT used to decrypt the digital signature

@kornelijekovac9793

4 жыл бұрын

commons.wikimedia.org/wiki/File:Digital_Signature_diagram.svg

Short and clear note

Pog Champ dude

Change the title to Digital Certificates

perfect

I thought i searched for digital signitures

12 hrs to my exam 😅