thank you very much... it was very interesting ans easy to understand........

Thanks, but i was wondering in the last case,(of amazon) you said amazon has a CA that send out a public key to the user. Is there only one CA in that case, on the drawing you still had the first CA so i was confused if two were in use there. thanks

@CFaulkstlouis Sorry to have confused you. In fact, you have certificates (containing the public keys) of many respectable CAs already in your browser, only in rare instances you'd need to import a CA certificate. Your browses uses these certificates during its communication with e-commerce sites. I hope this clarifies.

thank you very much, it was very useful and easy to understand!

No objection or anything, but are you Dutch? Your accent sounds Dutch to me. xD And thanks a lot for this video!

@snelheidsmonsters Flemish...

This was great, thank you for such a clear explanation

nice basic intreduction. the video could be made a bit more professional, but atleast - unlike many other videos on youtube talking about PKI - you explain it right.

I watched so many videos explaining this concept, but yours was the only one in which I was able to fully grasp every single concept. Thanks!

This was a very good tutorial it explains PKI very well. The diagrams used to illustrate the problem is very helpful. Thank you Mr Dagon :)

So...what was bob's message

@foxtrot151000 oh wait i'm sorry i didn't watch the full video, you got it right though but i was looking for a way to encrypt messages on paper with the pke, like the bare mathematics

@foxtrot151000 My goal with this video was to make a good introduction for everybody, without going into the mathematics. Hence the analogy of key and padlock for the two different keys that belong together.

@MrDagon007 well when you put it that way then its a very good video, i was looking for a mathematical explanation of asymmetric cryptography because i have always found public key encryption very interesting but i have searched so many sites that talk about how pki works with analogies but no explanation on how exactly it works, could u post another video for the more advanced or tell me a site in which i can find one, your help is appreciated.

@foxtrot151000 Go to wikipedia and search for RSA algorithm and you'll find the formulas including an example.

Congrats for the video.

Your explanation is better than wikipedia+howstuffworks+wikiho­w together.

Cheers!

Great! I wish I could give more than 1 "Like"

Very interesting 

very helpful!!! love it

I love the way he pronounces PADLOCK :)

Really I like your explained, and your example reached the point. but can you use this theoretical to be practical i.e. can you please design program Encrypt and Decrypt the data using Mathlab software

@EECE2010 Yes and if you like, I can also make you a nice hot chocolate : -)

@MrDagon007 hehehehehehe:)

Thankyou so much for this video. You do a great job of explaining it simply.

Very well done, things make sense now. On a quick note how does to CA know who has what key?

This is FANTASTIC. At first glance, I though "ohh great, another "teacher"". It turned out to be extremely good and informative. it actually glued everything I knew about SSL and PKI. Thank you so much!

I think I have it now: The public key is part of the x509 cert as it is sent from the CA to the user requesting it. And could it be said that, as part of the authentication to a local network, the cert and public key are issued based on that authentication?

@henryjosephmcp If I understood your question well, I think I would say yes (keep in mind that I am not really an IT guy, but work in an adjacent area). A remark, the best way to start authentication on a local network is to first deliver initial secrets "out of band", for example on paper as you can't trust the network yet.

Thanks for the tutorial. So the x509 certificate is actually 'attached' to the public key of the message sender?

@henryjosephmcp A certificate is a file, containing a public key, details like period of validity if applicable etc, and this content is signed by the private key of the certificate authority.

Which public key? I should make a clip on signing to make this more clear, here is the summary: For encryption it is the public encryption key of the receiver, for verifying a signature it is the public signing key of the sender. In principle both functions can work with 1 key pair, best is to use 2 pairs.

thanks allot

Thank you very much, and I wish to Upload more video about this subject ^_^

@EECE2010 OK, when I get around it I will make a concise video featuring a closer look at signatures.

I will use this information in my report. Thanks

Thank you MrDagon, you explained it better than my Internet Security schoolbook. You made concepts easy to absorb.

Thanks for posting this. It was helpful to get such an overview.

A very informative video. But the category of the video remained as "entertainment". It would be better that it would be changed.

@magawla Thanks for the heads-up: I changed the category to Education. Cheers !

Thanks MrDragon - great primer. Glad I found you.

What would be exactly the issue if the public key would not be certified? Alice can only open messages that have been encrypted with the public key that belongs to the private key. If she gets messages that have been encrypted with anouther public key, she could not read it...where is the error in reasoning?

@evariste78 The problem is that you as the sender want to be certain that the public key belongs to Alice. You don't want a hacker impersonating as Alice to read your highly confidential "Marry me!" me message. Hence you want to use a certified public encryption key: certification binds an identity to a public key.

PS I may make a sequel tutorial on signatures.

@MrDagon007 Ah, i understand, otherwise Alice may receive a message that was encrypted with a hackers public key, hence she could not decrypt with her private key, but the hacker could, right?

@evariste78 Indeed, if the hacker could in some way intercept the message he could read the confidential information which the sender thought was safely encrypted fro Alice. Hence the importance of proper certification.

@evariste78 Think about this... You tell Alice your going to send her a metal box but before this she says she will send you an open lock to secure it. If she sends you the open lock and in the middle someone swaps that lock during the transmission stage, if there was no CA or person to prove that lock is really hers you will lock the box with the wrong lock. This may not sound bad, unless "a man in the middle" gets a hold of the box before Alice does, Your thoughts MrDagon007?

@hellfish5 Indeed, you are correct.

BTW, when I get around it, I will do another clip, this time on PKI for signing.

good job Dagon, being involved in technical issues of the internet myself, I found this very refreshing and a good high level, simple overview of the concept.

Nice explanation of a complex topic. You managed to cut though to the technology and deliver the basic facts clearly and concisely. You have a sharp mind to complement your sharp blades.

@o2wow Thanks for the friendly feedback !

Nice topic, well done!

Nice Vid, I like your knife reviews´, none the less I appreciate to hear the people whos reviews I like talk about other subject matter 5/5. One thing though it is modern times, not moderate.

gj 5/5