This is a really nice article. By way of a little history, the specification that defines certificates is X.509, and is part of the series that describes the OSI Directory - which ended up simplified as LDAP. A certificate contains, in effect, a bunch of LDAP attributes - and so it literally can contain Bob's photo via the jpegPhoto attribute. That's not likely to happen, though, because a Certification Authority ought to only sign a certificate when it can verify every attribute within it.

One thing you haven't mentioned is revocation and status checking... But maybe I should write something on that.
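To make the "bunch of LDAP attributes" point concrete, here is an added example (not code from the article or from the commenter) that hand-encodes an X.509 subject as an X.501 Name in DER, decodes it back, and applies a hypothetical CA policy that refuses to sign a subject carrying attribute types the CA cannot verify. The Name really is a SEQUENCE of RDNs, each a SET of (attribute-type OID, value) pairs, using the same attribute types a directory does; the jpegPhoto OID is the one registered in RFC 2798, and the photo bytes and the `ATTRIBUTE_TYPES` table are constructed for the example.

```python
"""
Encode/decode an X.501 Name (the subject of an X.509 certificate) in DER,
then apply a hypothetical CA signing policy over its attribute types.
Added example; not part of the original article or comment.
"""
from typing import List, Tuple, Union

# Directory attribute types that show up in certificate subjects (RFC 4519, RFC 2798).
ATTRIBUTE_TYPES = {
    "2.5.4.3": "cn",
    "2.5.4.6": "c",
    "2.5.4.10": "o",
    "0.9.2342.19200300.100.1.60": "jpegPhoto",
}

TAG_SEQUENCE, TAG_SET, TAG_OID, TAG_OCTET_STRING, TAG_UTF8STRING = 0x30, 0x31, 0x06, 0x04, 0x0C

Value = Union[str, bytes]  # str -> UTF8String, bytes -> OCTET STRING (e.g. a JPEG)


def der_length(n: int) -> bytes:
    """DER length: short form below 128, else 0x80|count followed by big-endian bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + der_length(len(body)) + body


def encode_oid(dotted: str) -> bytes:
    """OID: first two arcs fold into 40*a+b, every subidentifier is base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    subids = [40 * arcs[0] + arcs[1]] + arcs[2:]
    out = bytearray()
    for sid in subids:
        chunk = [sid & 0x7F]
        sid >>= 7
        while sid:
            chunk.append(0x80 | (sid & 0x7F))
            sid >>= 7
        out.extend(reversed(chunk))
    return der_tlv(TAG_OID, bytes(out))


def decode_oid(body: bytes) -> str:
    subids, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(value)
            value = 0
    first = subids[0]
    arcs = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(map(str, arcs + subids[1:]))


def parse_tlv(buf: bytes, pos: int = 0) -> Tuple[int, bytes, int]:
    """Return (tag, body, position after this element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def encode_name(attributes: List[Tuple[str, Value]]) -> bytes:
    """Name ::= SEQUENCE OF RDN; each (oid, value) becomes its own single-valued RDN."""
    rdns = b""
    for oid, value in attributes:
        if isinstance(value, str):
            encoded = der_tlv(TAG_UTF8STRING, value.encode("utf-8"))
        else:
            encoded = der_tlv(TAG_OCTET_STRING, value)
        atv = der_tlv(TAG_SEQUENCE, encode_oid(oid) + encoded)  # AttributeTypeAndValue
        rdns += der_tlv(TAG_SET, atv)                            # RelativeDistinguishedName
    return der_tlv(TAG_SEQUENCE, rdns)


def decode_name(der: bytes) -> List[Tuple[str, Value]]:
    tag, body, _ = parse_tlv(der)
    assert tag == TAG_SEQUENCE, "Name must be a SEQUENCE"
    result, pos = [], 0
    while pos < len(body):
        tag, rdn, pos = parse_tlv(body, pos)
        assert tag == TAG_SET, "RDN must be a SET"
        inner = 0
        while inner < len(rdn):
            tag, atv, inner = parse_tlv(rdn, inner)
            assert tag == TAG_SEQUENCE, "AttributeTypeAndValue must be a SEQUENCE"
            _, oid_body, p = parse_tlv(atv)
            vtag, vbody, _ = parse_tlv(atv, p)
            value = vbody.decode("utf-8") if vtag == TAG_UTF8STRING else vbody
            result.append((decode_oid(oid_body), value))
    return result


def unverifiable_attributes(der_name: bytes, verifiable=("cn", "o", "c")) -> List[str]:
    """Hypothetical CA policy: attribute types the CA has no way to verify. Sign only if empty."""
    names = [ATTRIBUTE_TYPES.get(oid, oid) for oid, _ in decode_name(der_name)]
    return [n for n in names if n not in verifiable]


# Constructed sample subject: Bob, plus a stand-in for JPEG bytes in a jpegPhoto attribute.
PHOTO = b"\xff\xd8\xff\xe0" + b"\x00" * 12
BOB = [("2.5.4.6", "GB"), ("2.5.4.10", "Example Ltd"), ("2.5.4.3", "Bob"),
       ("0.9.2342.19200300.100.1.60", PHOTO)]

if __name__ == "__main__":
    der = encode_name(BOB)
    print(der.hex())
    print(decode_name(der))
    print("CA refuses to sign; cannot verify:", unverifiable_attributes(der))
```

Running it shows the jpegPhoto attribute round-tripping through the same Name structure as cn and o, and the policy function rejecting the request because of it, which is exactly why a CA that only signs what it can verify will not emit such a certificate in practice.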

