Certificates Gone Bad! Certificate Revocation Techniques Explained (CRL, OCSP, OCSP Stapling)

When the private key of a matching public key that belong to a certificate is leaked, an attacker can intercept server hello, use their own dh parameters sign it with the stolen private key and ship it to the client effectively doing MITM. This is extremely dangerous and we have no way in the client to know a MITM has happened. That is why a certificate sometimes has to be revoked, and in this video I’m going to discuss those revocation techniques. 0:00 How Certificate Works 3:00 Certificate Revocation List 4:10 OCSP 7:00 OCSP Stapling

Om Podcasten

Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses