No video :(

Revocation of digital certificates: CRL, OCSP, OCSP stapling

Подписаться 237 тыс.

Просмотров 76 тыс.

50% 1

Digital certificate are normally expired after one year, but some situations might cause a certificate to be revoked before expiration. How does a client check the revocation status? Here I introduce three methods: CRL, OCSP, & OCSP stapling. What are they? How do they work? You would find answers in this video.
Playlist: Advanced Cryptography -
• What is digital signat...
Playlist: Basic Cryptography
• Private Key Encryption...
Please subscribe to my channel!
Please leave comments or questions!
Many thanks,
Sunny Classroom

Опубликовано:

5 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 83

@michaeljimenez239 Год назад

Just want to say, i used some of your videos to pass my network plus and currently doing th same with security plus. I always find your explanations easier to understand than most other instructors. Thank you!

@johnhart6320 5 лет назад

As ALWAYS...your videos help me BIGTIME! Whenever I am in need of a CLEAR explanation on a technology that some other 'Off the Charts GEEK in the Weeds' tries to teach, I check and see if Sunny has a class to clear it up for me! Thanks Again Man!!

@sunnyclassroom24 5 лет назад

Thank you, John, for saying nice things about my videos. You are welcome. I wish I would complete my whole series in this area (about 200 videos) soon.

@MohenjinAdventure 4 года назад

I could not understand about CRL/OCSP/OSCP Stapling, but now I finally did. Thank you! You have been a great help!

@lesleycouch9542 Год назад

I knew I could count on you to explain this concept clearly and concisely. I get it now! Thank you Sunny!

@scottbiggs8894 4 года назад

Step 4, that all this happens "during the SSL/TLS handshake" was the puzzle piece I was missing. Thank you. And the music at end made me laugh. :)

@sunnyclassroom24 4 года назад

Thank you for watching!

@mimi7132 3 года назад

Exactly

@techlearner4806 4 месяца назад

Simple and easy language/demo used in video. All thanks to you.

@miriyalajeevankumar5449 4 года назад

The best content on this topic is your channel !!

@nattiyar614 3 года назад

This is by far the best explanation ever! Thank you so much!!

@TheSukramb 4 года назад

Truly awesome. Helps a lot because of your visualizations in addition to your explanation.

@sunnyclassroom24 4 года назад

Thank you for your time!

@jilanishaik8791 3 года назад

It's very nice explanation. Thanks Sunny

@chengluo5956 4 года назад

Simple and clear, that's all I need. Thank you Sunny!

@poncho8887 3 месяца назад

Thank you for your clear explanations for our understanding.

@Drawmeafatcat 3 года назад

crazy how complicated other people make this when you just explained it in 6 mins.

@34521ful 5 лет назад

Hi Sunny, great video once again! I think one thing I'd add for future viewers is that another thing browsers like Firefox and Chrome do are just push a software update if a certificate must be revoked as soon as possible

@sunnyclassroom24 5 лет назад

thanks a lot for your information. I appreciate it very much.

@okbazoueghi6714 3 года назад

Great explanation!

@nkanakaraj 2 года назад

Awesome! This is the exact info I was looking for to troubleshoot an issue related to OSCP. Sunny! you very well explained CRL, OSCP, and OSCP-Stapling operations in a quick video. Thank you very much!

@ayatarek6612 3 года назад

Thank you so much this was very clear and helpful.

@nicholasbarning8250 5 лет назад

Excellent videos, very concise and easy to understand. Thank you

@sunnyclassroom24 5 лет назад

you are welcome!

@jaydawg91 2 года назад

As always your videos are clear and provide accurate information. Thank you, Sunny.

@ravichanderkt326 Год назад

You're Gifted By God.

@TheAhamedabdul 3 года назад

Thanks a lot Sunny! this is very clear and useful.

@sonurocks341 4 года назад

Great Videos. Very crisp explanation.

@sunnyclassroom24 4 года назад

Glad you liked it!

@jasonhoi85 4 года назад

thanks this is much clean then reading the text explaination

@sunnyclassroom24 4 года назад

Thank you for watching!

@101appsCoZa 4 года назад

another great video tutorial. thank you so much

@sunnyclassroom24 4 года назад

Thank you!

@tim6925 Год назад

thank you, thats a very clear explanation.

@marcosalameh8677 3 года назад

As usual soooooooo amazing!!!!!!!!!!!!!!!!!!!!!

@dr.r.aravindhanm.eph.d1046 2 года назад

Very Good Explanation

@aziz421973 5 лет назад

Very useful information, thank you so much.

@sunnyclassroom24 5 лет назад

You are welcome, Aziz.

@AmeenAltajer 3 года назад

Clear explanation, thanks man!

@ahmeddarwish3859 2 года назад

very good teacher.Thanks

@jeremygunter9877 3 месяца назад

Well done, thank you!

@andreaszetea-ster900 4 года назад

great work. Thank you

@sunnyclassroom24 4 года назад

Thanks

@asoteico9528 4 года назад

Greatly done Sunny...!!! 🥇🎖🏅

@HughJass-jv2lt 3 года назад

Bravo!! ❤❤

@johnnkoh2601 4 года назад

you are really good at explaining things. Thank you very much

@devendramhatre5007 4 года назад

Nicely Explained.... thank you sir

@sunnyclassroom24 4 года назад

You are most welcome!

@fa307 Год назад

great video, would be great if you could update this and make a video about certificate transparency (CT Logs)! :)

@grahammattingley9784 6 лет назад

Very helpful information - keep up the good videos and the good work

@sunnyclassroom24 6 лет назад

thanks a lot!

@rajeshgeorge6093 4 года назад

thanks very much

@sunnyclassroom24 4 года назад

You are so welcome!

@AyushmanAdhikary 2 года назад

Great video. Thanks for the explanation.

@kavi3841 3 года назад

Thank you sir

@sunnyclassroom24 3 года назад

All the best

@OmarJIBAR 2 года назад

Beautiful 👌

@dieglhix 4 года назад

All clear, thanks Mr. Subscribing now.

@sunnyclassroom24 4 года назад

Thanks for the sub!

@zowajoy7616 4 года назад

You are awesome 🙏

@sunnyclassroom24 4 года назад

Thanks!

@mimi7132 3 года назад

great explanation, thanks

@mofogie 4 года назад

well what if a domain spoofer simply forges a certificate?

@jibnathgautamhy1280 4 года назад

Thank you verymuch

@iyam1513 Год назад

Thanks for your video, "OCSP stapling" is quite smart solution, but for how long does web server cache OCSP Response from CA? And for how long does the client (browser) consider that the response is still valid (I mean as for standards)? I think this is the point of "lag" between revocation and outdated signed OCSP Response from web server. So it is important to note.

@deekusnotes3318 Год назад

Does it mean OCSP URLs no need to be added to firewall between client and server?

@ameenasif 2 года назад

So if an organization has issued certificates in thousands , and device1 comes with request , does webserver has stapled request for all thousand devices at that time , if its cached only on calls ? so when a signed response is received all it needs to do is verify certificate validity end date etc, no need to go to check revoked status as its trusted with cryptography i.e the signed response . is this right

@sriksrik8184 3 года назад

Hi Sunny, if the client from a ABC company domain accessing a website, how can it check the website certificates status from the ABC domains CA CRL list,,, does that mean that ABC domain CA will have constant updates, if so how,,,

@arber10 6 лет назад

Sunny, one more question: Which book(s) would you recommend for a deep dive in this topic? (I mean cryptography not just revocation.)

@sunnyclassroom24 6 лет назад

It depends how deep do you want to go? If you are just for CompTIA security + , you can use Comptia security+ guide to network security fundamentals 6th edition or 5th edition (cheaper).

@arber10 6 лет назад

Thank you. I will check this.

@greenboy7484 6 лет назад

hi sunny...can you explain how policy maping works in CA and sub-CA in another video?

@sunnyclassroom24 6 лет назад

I put it on my to do list. Many thanks!

@ishajain7020 5 лет назад

When certificates are stolen from CA, why those certificates need to be revoked. I mean we are already certificates, but harm stolen certificates will make.

@sunnyclassroom24 5 лет назад

Browsers make sure that all certificates are valid. It is like someone stole your credit card, and you want to report to your credit card company to revoke it. Otherwise, the thief will use your credit card. The same thing.

@RajivKumar-ee7xv 3 года назад

@@sunnyclassroom24Here I have a question, Private key of stolen certificate is always with the owner for whom CA issued certificate. So other details are always public. What was stolen from CA for that particular certificate?