this post was submitted on 29 Feb 2024
126 points (95.0% liked)
Asklemmy
44260 readers
971 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- [email protected]: a community for finding communities
~Icon~ ~by~ ~@Double_[email protected]~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
ELI5 of certificates:
The "s" in "https" in urls like "https://wikipedia.com" stands for "Secure".
When you connect to Wikipedia's computer to read something, how do you know if the content you get back is what they actually sent and wasn't altered by your friendly neighborhood hacker?
Wikipedia can "sign" the content before sending it you. They also give you a certificate telling you how they have a particular signature which has been verified by someone else whom you already trust, and how long this particular signature is valid for.
If a hacker tries to alter the document returned by Wikipedia, they wouldn't be able to sign the document correctly. If they tried to give a certificate with a different signature too, you would catch it because they wouldn't be able to fake the verification of the "someone you trust" so you'd catch the fake certificate.
Browsers handle all this stuff for us. If it detects something fishy, it'll just show an error along the lines of "could not verify certificate". In some cases, it's genuinely an issue where you/the website is under attack and you may get a virus.
In some other cases though, it's an issue of the certificate expiring and the guys at Wikipedia not being proactive about getting a new signature and certificate. If you are ABSOLUTELY CERTAIN that you're just dealing with a lazy developer and not a malicious hacker, you can tell your browser to ignore whatever issue it detected and show you the content that was returned by Wikipedia.
Thanks for attending my TEDx talk.