|
|
|
|
|
|
by sdevlin
3277 days ago
|
|
|
It's impossible to bootstrap a secure connection without some preexisting trusted relationship. Otherwise, you'd always be vulnerable to middle-person attacks. Browsers solve this problem by bundling a number of trusted root certificates. (This is what they mean by "my trusted keys".) When you connect to some web site, the server sends you their certificate along with a chain of signing certificates up to some root of trust. Assuming the root certificate is among those your browser trusts, you can verify the signature chain and establish a trusted connection. |
|
|