10 min listen
Certificates Gone Bad! Certificate Revocation Techniques Explained (CRL, OCSP, OCSP Stapling)
Certificates Gone Bad! Certificate Revocation Techniques Explained (CRL, OCSP, OCSP Stapling)
ratings:
Length:
10 minutes
Released:
Dec 14, 2020
Format:
Podcast episode
Description
When the private key of a matching public key that belong to a certificate is leaked, an attacker can intercept server hello, use their own dh parameters sign it with the stolen private key and ship it to the client effectively doing MITM. This is extremely dangerous and we have no way in the client to know a MITM has happened.
That is why a certificate sometimes has to be revoked, and in this video I’m going to discuss those revocation techniques.
0:00 How Certificate Works
3:00 Certificate Revocation List
4:10 OCSP
7:00 OCSP Stapling
That is why a certificate sometimes has to be revoked, and in this video I’m going to discuss those revocation techniques.
0:00 How Certificate Works
3:00 Certificate Revocation List
4:10 OCSP
7:00 OCSP Stapling
Released:
Dec 14, 2020
Format:
Podcast episode
Titles in the series (100)
Episode 02 - Stuck at your job? by The Backend Engineering Show with Hussein Nasser