Computer Networks

Tutorial #23

  1. What is a site certificate, and why is it considered a desirable (if not essential) tool for conducting Electronic Commerce on the Web?

  2. As a Web user, how can you tell if the site you're communicating with is using SSL security?

  3. Why is a site certificate encrypted using the private key of the CA which issued it?

  4. Why would you want a personal (client) certificate, analagous to a site certificate? Under what circumstances might client cerificates be important?

  5. Some time ago (whilst I was busily surfing to the Dilbert site), Netscape presented me with the following message:
    The certificate that the site 'www.unitedmedia.com' has presented does not contain the correct site name. It is possible, though unlikely, that someone may be trying to intercept your communication with this site. If you suspect the certificate shown below does not belong to the site you are connecting with, please cancel the connection and notify the site administrator.
    Here is the Certificate that is being presented
    :
    Certificate for:United Media
    Signed by:RSA Data Security, Inc.
    Encryption:Export Grade (RC4-Export with 40-bit secret key)
    What's going on here? How could it happen?


See Prac #23 for the practical exercises accompanying this tutorial.
La Trobe Uni Logo [Previous Tutorial] [Tutorial Index] [Next Tutorial]
Copyright © 2000 by Philip Scott, La Trobe University.
Valid HTML 3.2!