bob.com.
In line with what was introduced in that section, this helps anyone
who already knows Bob to be sure that his public key is the
one declared in the certi?¬?cate. However, this is also a statement
from the CA that the identity of the current website corresponds
to what is declared by the certi?¬?cate itself. Whoever will land
his browser on Bob??™s website will have the word of the CA that
such a website happens to belong to Bob; if the visitor trusts the
CA, this will be enough for performing the already mentioned
Figure 1-13 An HTTPS response
HTTPS is very
effective for
preventing man-inthe-
middle attacks
between two endpoints
If a website uses
HTTPS, its identity
is declared by a CA
via the certi?¬?cate
necessary for implementing
SSL
52 The Problem
server authentication. In the section ???The Babel of Web User
Interfaces??? we revisit this concept, showing how this helps only
to a point when the server authentication has to be performed
by a human.
HTTPS has been enormously successful and is the very base of
e-commerce as we know it today. It is a good answer to the
problem of con?¬?dentiality of communications on the Internet. It
is also a sound solution for the problem of server authentication,
at least from the technological point of view.
Pages:
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107