Very nicely explained, could you please clear my below doubt: How would the client verify that cert is from the Server and not from Man in the middle? What is man in the middle(hacker) would send his certificate?

@abinarycode

9 ай бұрын

Hello, To answer your question, let's assume you trying to establish the connection with Google's server. Now, Google's server will already have a signed certificate created for itself from some certificate authority. This certificate will encapsulate the public key of the Google's server. Once this certificate reaches the client, then client would know that this certificate was generated for `google.com`. Now: 1. If someone replaces the Google's certificate with their certificate, then on verification client would know it doesn't belong to `google.com`, because a certificate contains the entity name (Eg: google.com) to which it belongs to. Hence, the handshake will fail. 2. Let's assume someone tries to manually edit and replace it's public key in the Google's certificate. In this case signature verification will fail. Hence the handshake will fail. In short, if anyone in between tries to edit or replace the certificate, then server certificate verification will fail at the client. Hence, it is unlikely for someone to fake the identity using TLS certificates. It is uniquely singed and generated from trusted certificate authorities. Before trusting a server, client does verify certificate authority chain that comes along. I hope, I answered your question, please let me know if there is still something I failed to clarify. Glad that you asked the question.

@giveitatry674

9 ай бұрын

@@abinarycode Thanks for your response. I don’t know anything about security. Just wanted to check how TLS works and came across your video. This was the first time I really understood the importance and relevance of Public Key Private Key and Certificates. You earned my subscriber, TBH earning my subscriber is as difficult as breaking TLS. Do you have any other Video which explains more certificates part of it, what is the host cert, what details it usually contains, like so of its field are optional. etc.

@abinarycode

9 ай бұрын

Sorry for the delayed response. Currently, I don't have more videos on technicalities of certificates, but I can keep this as a feedback and add to my upcoming pipeline of videos. Currently, I have a running playlist on Python that is yet to get more videos shortly. Post that I will mostly be creating videos around engineering problems like the one that you just saw and on system design. I have noted your feedback. On the other hand, if you really want to watch something immediately, then I would recommend watching this video on KZread which can definitely help you out: kzread.info/dash/bejne/qpN9mLOcY5i2pbQ.html Thank you.

Excellent video. Atlast i understood the concept of handshaking

@abinarycode

8 ай бұрын

Really glad that you liked it.

Thank you so much, buddy. I have gone through tons of videos searching for HTTP/HTTPS, but none of them can explain satisfactorily. The best part about your explanation was the pen-paper approach that you used. that helped even more than animation. Again thank you and keep it up...👍💫

@abinarycode

7 ай бұрын

Thank you for those kind words. I’m so glad that the video turned out to be helpful. 😇

thank you!

Awesome explanation, very exhaustive. 🙏

There are some people who understand the topic and some people that master the topic. In this short video the presenter gift us all making us becoming the master! Thank you and keep this gift you have by breaking complex knowledge and sharing it in the most subtle and friendly form.

@abinarycode

8 ай бұрын

Thank you for the wonderful comment. I am really glad that it was helpful.

I rarely liked any video in last 8 years of using utube, I liked this bcz I got deep explanation without any doubts.

@abinarycode

9 ай бұрын

That means a lot. Thank you. I am glad that the video was helpful.

Outstanding, thorough explanation . . . . . clearly thought out and delivered. This is exactly what I have been searching for. Thank you!

@abinarycode

10 ай бұрын

I am really glad that you found it to be useful. Do let me know if you found anything complicated. I will do my best to help you out. Thank you

I already know this concept but I enjoyed your explanation so much and learnt some new things. Thank you brother, you just earned my subscription.

@abinarycode

9 ай бұрын

Thank you 😊 I am really glad that it was helpful.

Much awaited topic. Thank you

@abinarycode

11 ай бұрын

Really glad that you liked it. If you need any help just comment down here. Will do my best to help.

very Clear explanation !! Kudos !!

@abinarycode

11 ай бұрын

Really glad that it helped. Please do let me know if it was difficult to comprehend at any point. I would try my best to help. Thank you :)

nice info ❤

@abinarycode

10 ай бұрын

Thank you. I am really glad that it was helpful. Please feel free to put up questions if you were not able to understand anything. I will do my best to help.

Great explanation..can you also make video on SSL pinning?

@abinarycode

9 ай бұрын

Glad that it was helpful. I have noted that now in my upcoming video list. I will surely post you a response here once that's out. Thank you.