Thread: How can I be sure that a CA is the CA he pretends to be

i became interrested in security little while ago not yet @ ease basic principle.

recent readings understood ensure site site expect in https connection with, must check certificate authentic. click on small padlock near https mark , read certificate. @ point should trust reading because it's decrypted public key of certificate authority responsible delivery of certificate.

well. @ point question is:

" how did browser manage public key of ca , how can ensure comes ca?"

ubuntu installion procedure automatically managing this?

these sites should explain how browser gets key , why cas aren't absolutely trustworthy.

ssl protocol: http://www.grc.com/sn/sn-195.htm

cas: http://www.grc.com/sn/sn-179.htm


why it's not perfect:

http://www.grc.com/sn/sn-223.htm

http://www.grc.com/sn/sn-243.htm

http://www.grc.com/sn/sn-262.htm

https://www.eff.org/observatory

Forum The Ubuntu Forum Community Ubuntu Specialised Support Security [ubuntu] How can I be sure that a CA is the CA he pretends to be

Ubuntu