Certificates gone bad | The Backend Engineering Show - podcast episode cover

Certificates gone bad | The Backend Engineering Show

The Backend Engineering Show with Hussein Nasser
Oct 08, 202128 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Certificates contain useful metadata including the public key, domain name, signature, etc. However, the private key can be leaked which causes the certificate to be invalid/dangerous to keep around. In that particular situation, we need a mechanism to revoke certificates and that is what I’m going to discuss in this show.


0:00 Intro

0:30 Why Certificates

12:00 Certificates can go bad

14:50 Certificate Revocation Lists (CRLs)

18:30 OCSP (Online Certificate Status Protocol)

20:40 OCSP Stapling

24:30 Best certificates are short

26:30 Summary

Become a Member on YouTube

https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

🔥 Members Only Content

https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg

Support my work on PayPal

https://bit.ly/33ENps4

For the best experience, listen in Metacast app for iOS or Android