I only know that SSL is based on the two-key encryption method, where
the server sends its public key that the browser will use to encrypt a
session key that will be used to encrypt any HTTPS connection.
If I got it right, certificates are used to be positive that the
server the browser connects is indeed the right server, but I'm not
clear about how this part really works.
"Gilles Ganault" <email@example.com> wrote in message
> I'd like to understand what the recent breach at Comodo means in
> plain English
Certificate authorities are expected to follow their certification
policies to ensure that only Google can obtain a certificate for www.google.com, Microsoft for live.com et cetera. This is a prerequisite
for trusting them.
In this incident, a security breach at a registration authority allowed an
attacker to issue fraudulent certificates that were nevertheless signed by
Comodo and could therefore have been used successfully to impersonate e.g. www.google.com.