Let's learn about what a X.509 certificate is, and how it's used in networking.

X.509 is service that authenticates the certificates used in secure communication between a user and a web server. The process is standardized by the International Telecommunication Union, ITU. X.509 certificates are important part of networking because they provide validation when users attempt to send data over the internet. This do this by distributing public keys inside of the certificate in a way that verifies the sender of a key is the actual owner, thus protecting the receiver of a key.

An X.509 contains the following information: information about the sender/owner of the key; the public key being sent; a digital signature from the Certificate Authority signed with the CA’s private key.

CA’s have a tree/hierarchical structure. Every node from root node (called the root CA) down to the current node digitally signs this certificate. All nodes can then be verified when the certificate is validated.

The system of certificates and CAs are necessary because they ensure that the key delivered when communicating with a web service is the valid key. As stated in the prompt, anyone can make the public/private key pairs. A certificate and CA will verify for users that this key is indeed the correct key and not manipulated in some way.