# CA certificates -- domain and authority?

## dE_logics

A company when issuing certificates has to fill the domain/authority and other vendor specific information in the certificate (X509).

When it gives the private key corresponding to this certificate for a website, this information in the certificate remains the same.

But -- one certificate -- many websites, many domains, many authorities etc... etc... etc... won't this make the certificate invalid?

For e.g. 2 rival banks have the same private key and so use the same certificates -- but the 2 banks' websites lie on different domains, so for these 2 domains how can the same certificate be valid?

----------

## Veldrin

I think there is a misunderstanding between the public key (which is part of the certificate) and the certificate. Even if the keys (public and private) are the same ones, the certificate, and its hash (fingerprint), will be different, as it contains additional different information (e.g. common name).

In addition, it is rather unlikely (I haven't done the exact maths) that 2 certificates have the same private keys (the public key is usually pretty generic).

V.

----------

## John R. Graham

*dE_logics wrote:*

> For e.g. 2 rival banks have the same private key and so use the same certificates -- but the 2 banks' websites lie on different domains, so for these 2 domains how can the same certificate be valid?

That's not really the way it works. An organization's private key is never "given" to anyone and the private key is never the same from certificate to certificate (unless you're talking about the CA's private key, which signs the certificates issued by the CA; but it isn't given to anyone either). At a high level, what's in a certificate is:

- An organization's public key.
- Some mandatory demographic information (subject, issuer, etc.) and some optional application-specific information as well.
- A signature that binds those two sets of information together.

I think we have a big disconnect here and thus I probably haven't answered your question. Feel free to clarify. :Wink:

- John

----------

## John R. Graham

*Veldrin wrote:*

> In addition, it is rather unlikely (I haven't done the exact maths) that 2 certificates have the same private keys (the public key is usually pretty generic).

You could say that. In the context of reasonable size properly generated RSA keys, it's less likely than one over the number of subatomic particles in the universe that two independently generated RSA keys would be the same. The public key is not generic: it is as unique as the private key. I think you may be thinking of the public exponent, which does typically take on a well established constant value. In RSA, the "Public Key" consists of two components: the public modulus (always different), and the public exponent (standardized).

- John

----------

## dE_logics

*John R. Graham wrote:*

> *dE_logics wrote:* For e.g. 2 rival banks have the same private key and so use the same certificates -- but the 2 banks' websites lie on different domains, so for these 2 domains how can the same certificate be valid?
>
> That's not really the way it works. An organization's private key is never "given" to anyone and the private key is never the same from certificate to certificate (unless you're talking about the CA's private key, which signs the certificates issued by the CA; but it isn't given to anyone either). At a high level, what's in a certificate is:
>
> - An organization's public key.
> - Some mandatory demographic information (subject, issuer, etc.) and some optional application-specific information as well.
> - A signature that binds those two sets of information together.
>
> I think we have a big disconnect here and thus I probably haven't answered your question. Feel free to clarify.
> ...

I know about the public and private key concept, but this PKI system is troubling me. What I meant by this sentence (which may be causing the misunderstanding) - 

*Quote:*

> When it gives the private key corresponding to this certificate for a website, this information in the certificate remains the same.

was that - 

When the CA gives the private key corresponding to this public certificate to the owner/authority of a website, this information in the public certificate remains the same.

But from here, I understand that the private key is not given to the owner/authority of the website? Then how's the encrypted data sent by the client decoded?

*Veldrin wrote:*

> I think there is a misunderstanding between the public key (which is part of the certificate) and the certificate. Even if the keys (public and private) are the same ones, the certificate, and its hash (fingerprint), will be different, as it contains additional different information (e.g. common name).

There are millions of secure websites over the Internet, but compared to that, I've a very limited set of certificates installed.

What I understand from your statement is that site specific information is not given in the preinstalled certificates. Is that true?

----------

## dE_logics

Ok, so I've figured out that when the website sends the public certificate, the web client will check if this certificate is valid or not by contacting the corresponding CA.

So what are these preinstalled certificates doing in web browsers?

----------

## John R. Graham

The preinstalled certificates are for generally trusted root certificate authorities. You can take a look at the PKI Wiki page for more details, but basically PKI includes the concept of a chain of trust. A certificate is "trusted" because it is signed by another certificate that is "trusted" and so on up the chain until you get to the root CA (e.g., Verisign). These must be implicitly trusted because there's no-one to vouch for them. You also implicitly trust the Mozilla Foundation to only include root CA certificates in the Firefox distribution that are worthy of trust. Of course, with Gentoo, you have the source code so, if you don't like their decisions, you can edit out the root CA certs you don't want to implicitly trust.

One more nuance (for now, at least; there are lots of nuances in a properly designed PKI). A certificate does two fundamental things:

- It cryptographically binds information to a public key. This means that you can "trust" that the information (and the public key) came from where it says it came from.
- It proves that the issuer has the ability to wield the associated private key. This means that the "owner" of the private key created the certificate.

Okay: one more nuance. :Wink: When talking about PKI, I believe that the word "trust" should almost always be quoted or highlighted because it doesn't mean quite what it does in English. More on that later if you're interested.

- John

----------

## Veldrin

*John R. Graham wrote:*

> The public key is not generic: it is as unique as the private key. I think you may be thinking of the public exponent, which does typically take on a well established constant value. In RSA, the "Public Key" consists of two components: the public modulus (always different), and the public exponent (standardized).

Yes, you are absolutely right. I was thinking of that, but not thinking my statement completely through.

V.

----------

## dE_logics

All this will take some time to explore. Thanks for pointing things out in the right direction.

----------

## dE_logics

Ok, got it.

On the browser there are root certificates preinstalled -- they contain the public key to decrypt the encrypted checksums of the certificate provided by a site.

The client can then decrypt the checksum using the corresponding root CA and verify the certificate's identity.

----------

## dE_logics

PS: is this right?

----------

## Veldrin

Almost.

Yes, browsers contain the root certificates (which implies the public key), but they do not contain the certificates for each site.

When you connect via https (or any other protocol that supports ssl/tls) the remote site sends its signed certificate. This certificate contains 3 parts: information about the remote site (usually the common name, e.g. forums.gentoo.org), information about the respective signing authority (in the case of gentoo that would be CACert), and obviously the signed part (which is encrypted with the private key of the CA, and therefore can be decrypted by the public key of the CA).

This signed part is usually a fingerprint (hash like md5 or sha1) of the remote site's information. Change a little part, and the entire hash changes.

Your browser calculates the hash on its own, and compares it to the decrypted hash in the certificate. If they match, the site is who they say they are; if not, you get a warning.

On a side note: root certificates need to be ultimately trusted, as they are the origin of the trust.

V.

I hope I explained it clearly enough, and did not make too many errors.
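The verification flow Veldrin describes above (hash the site's information, recover the CA's signature with the CA's public key, compare) and the chain-of-trust idea from John's earlier post (a certificate is trusted because its issuer is trusted, up to a root that ships preinstalled) can be shown end to end in a small program. The following is an added example, not code from this thread, from Gentoo, or from any browser or CA software. It uses a toy textbook-RSA implementation with small keys, no padding and no ASN.1/DER encoding; every name, hostname, key and function in it is constructed for illustration. It also demonstrates John's point about RSA public keys: two independently generated keys share the standard public exponent but never the modulus.

```python
# Toy model of an X.509-style chain of trust, standard library only.
# Constructed for illustration: small RSA keys, no padding, no DER,
# no validity period, no revocation. Not for real use.
import hashlib
import json
import math
import random
from dataclasses import dataclass, replace

_rng = random.SystemRandom()
PUBLIC_EXPONENT = 65537  # the standardized exponent every key here shares


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test; good enough for a toy key generator."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int) -> int:
    while True:
        candidate = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 160):
    """Return ((n, e), (n, d)). 160-bit primes give n > 2**256, so a SHA-256 digest fits."""
    while True:
        p, q = gen_prime(bits), gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(PUBLIC_EXPONENT, phi) == 1:
            return (p * q, PUBLIC_EXPONENT), (p * q, pow(PUBLIC_EXPONENT, -1, phi))


@dataclass
class Certificate:
    subject: str        # the site's common name
    issuer: str         # name of the CA that signed it
    public_key: tuple   # (n, e) of the subject
    signature: int = 0  # CA's signature over the three fields above

    def tbs_digest(self) -> int:
        """SHA-256 over the 'to be signed' fields, as an integer."""
        tbs = json.dumps({"subject": self.subject, "issuer": self.issuer,
                          "n": self.public_key[0], "e": self.public_key[1]},
                         sort_keys=True).encode()
        return int.from_bytes(hashlib.sha256(tbs).digest(), "big")


def sign(cert: Certificate, ca_private_key: tuple) -> None:
    """The CA signs the digest with its private key (textbook RSA)."""
    n, d = ca_private_key
    cert.signature = pow(cert.tbs_digest(), d, n)


def verify_signature(cert: Certificate, ca_public_key: tuple) -> bool:
    """Recover the signed digest with the CA's public key, compare to a fresh hash."""
    n, e = ca_public_key
    return pow(cert.signature, e, n) == cert.tbs_digest()


def verify_chain(hostname: str, chain: list, trust_store: dict) -> tuple:
    """chain[0] is the site cert; each later entry issued the one before it.
    trust_store maps root names to preinstalled root certificates."""
    if not chain or chain[0].subject != hostname:
        return False, "certificate subject does not match the requested host"
    for cert, issuer_cert in zip(chain, chain[1:]):
        if cert.issuer != issuer_cert.subject or not verify_signature(cert, issuer_cert.public_key):
            return False, f"{cert.subject}: bad signature or issuer mismatch"
    top = chain[-1]
    root = trust_store.get(top.issuer)
    if root is None:
        return False, f"{top.issuer} is not in the trust store"
    if not verify_signature(top, root.public_key):
        return False, f"{top.subject}: bad signature from root"
    return True, "ok"


def run_demo() -> dict:
    """Constructed scenarios with made-up CA names and hostnames."""
    root_pub, root_priv = generate_keypair()
    ca_pub, ca_priv = generate_keypair()
    site_pub, _site_priv = generate_keypair()  # the site keeps its own private key
    root = Certificate("Example Root CA", "Example Root CA", root_pub)
    sign(root, root_priv)  # roots are self-signed
    ca = Certificate("Example Issuing CA", "Example Root CA", ca_pub)
    sign(ca, root_priv)
    site = Certificate("forums.example.test", "Example Issuing CA", site_pub)
    sign(site, ca_priv)
    trust_store = {root.subject: root}  # what a browser ships preinstalled

    results = {"valid": verify_chain("forums.example.test", [site, ca], trust_store)[0]}
    # One field changed, old signature kept: the recomputed hash no longer matches.
    tampered = replace(site, subject="bank.example.test")
    results["tampered_subject"] = verify_chain("bank.example.test", [tampered, ca], trust_store)[0]
    # A properly signed certificate from a CA the browser does not know.
    _rogue_pub, rogue_priv = generate_keypair()
    rogue_site = Certificate("forums.example.test", "Rogue CA", site_pub)
    sign(rogue_site, rogue_priv)
    results["untrusted_root"] = verify_chain("forums.example.test", [rogue_site], trust_store)[0]
    # A valid chain presented for a different hostname.
    results["wrong_host"] = verify_chain("other.example.test", [site, ca], trust_store)[0]
    # Same public exponent, distinct modulus, for independently generated keys.
    results["shared_e_distinct_n"] = root_pub[1] == site_pub[1] and root_pub[0] != site_pub[0]
    return results


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name:20s} {ok}")
```

Running the file prints one line per scenario: only the untouched chain for the right hostname verifies; a changed subject, an issuer missing from the trust store, and a hostname mismatch each fail. Real X.509 verification adds a padding scheme (PKCS#1 v1.5 or PSS), DER-encoded structures, validity dates, name matching against the Subject Alternative Name extension, and revocation checks, but the shape is the same as above.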

----------

## dE_logics

Yes, thanks for the clarification.   :Smile: 

----------

