Tech Notes

My notes on Statistics, Big Data, Cloud Computing, Cyber Security

Category Archives: Security

Digital Signing of objects

CA-CSR flow

How HTTPS works

2016-04-13_14h20_01

 

  1. Browser connects to a web server secured with SSL
  2. Server sends a copy of its SSL Certificate, including the server’s public key
  3. Browser (mostly) already has a list of CA certificates with it. It validates the server certificate root against a list of trusted CAs. If OK the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key encrypted using the server’s public key
  4. Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
  5. Server and Browser exchange data encrypted with the session key

 

Disclaimer : These are my study notes – online – instead of on paper so that others can benefit. In the process I have used some pictures / content from other original authors. All sources / original content publishers are listed below and they deserve credit for their work. No copyright violation intended.

References for these notes :

https://www.digicert.com/ssl.htm