U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
 
Old 06-07-2013, 01:17 PM
 
2,496 posts, read 4,772,413 times
Reputation: 943

Advertisements

Each installation of Windows has a unique ID number called a GUID; it's impossible to change this number, is that right?

Do the security certificates for websites check against your computer's GUID? Or do they check something else?

No longer about Windows computers: On my Android phone, I keep getting the security certificate dialog box whenever I go to Google News. Why would it only be for that site?? It doesn't do that for any other site, including Google-related sites.

I read some tech articles about security certs. It's confusing, but I think the website is matching a number against a number on your device. Is that number something that is sent to your device each time you visit that site?
Reply With Quote Quick reply to this message

 
Old 06-07-2013, 03:07 PM
 
Location: Honolulu, Oahu
912 posts, read 1,741,514 times
Reputation: 823
Quote:
Originally Posted by robertpasa View Post
Each installation of Windows has a unique ID number called a GUID; it's impossible to change this number, is that right?
Correct. The only programs that really care about this are the Licensing parts of Windows and if the computer is part of a Windows Domain.

Quote:
Originally Posted by robertpasa View Post
Do the security certificates for websites check against your computer's GUID? Or do they check something else?
Other way around. Your computer checks the security certificate to see if it is valid. See below...

Quote:
Originally Posted by robertpasa View Post
No longer about Windows computers: On my Android phone, I keep getting the security certificate dialog box whenever I go to Google News. Why would it only be for that site?? It doesn't do that for any other site, including Google-related sites.
Sounds like your phone is either leaving a secure site and notifying you, or going to a secure site and notifying you, or it can't verify the certificate for the site. Without the specific error, it's hard to tell what you are looking at.

Quote:
Originally Posted by robertpasa View Post
I read some tech articles about security certs. It's confusing, but I think the website is matching a number against a number on your device. Is that number something that is sent to your device each time you visit that site?
Security Certificates are used to establish trust and contain an encryption key (or code). On the open internet there are established Certification Authorities that all computers are told to trust. Verisign and GoDaddy are Certification Authorities. Certificates are issued to companies, with a length of time that they are valid to, and contain a unique encryption key set.

When you visit a website that is using SSL (https://) your browser is presented with the website's certificate. Your computer then checks the certificate to see if it is valid. When you view the certificate with your browser, you can see which Certificate Authority issued the certificate. For example: amazon.com is using Verisign as their Certificate Authority. You can check this by going to amazon.com's sing-in page. The sign-in page is using SSL and presents the certificate. Usually you can click the Lock icon on your browser and then go to "details" of the certificate to see the tree of where the certificate came from.

After your computer checks the certificate it then uses the encryption key within the certificate to encrypt the traffic from your computer to the web server. Your computer and the web server then communicate with encrypted traffic that only they can decode. This protects whatever information you are sending between the two computers and over the network/internet.

If a certificate is expired or issued by an unknown Certificate Authority (CA), your browser warns you that the certificate is not valid. Some browsers turn the address bar red to signify this, and some programs just don't work at all if the certificate is not valid.
Reply With Quote Quick reply to this message
 
Old 06-09-2013, 02:09 PM
 
2,496 posts, read 4,772,413 times
Reputation: 943
Thank you Dth!!
My phone has a checkbox to turn off security warnings too.

How many digits are in a certificate?
Reply With Quote Quick reply to this message
 
Old 06-10-2013, 02:04 AM
 
Location: Honolulu, Oahu
912 posts, read 1,741,514 times
Reputation: 823
No problem!

Not sure what you are asking?
Reply With Quote Quick reply to this message
 
Old 06-10-2013, 02:53 PM
 
2,496 posts, read 4,772,413 times
Reputation: 943
Quote:
Originally Posted by Dthraco View Post
No problem!

Not sure what you are asking?
A "certificate" on a website one's computer is really just a long number, isn't it?
Reply With Quote Quick reply to this message
 
Old 06-10-2013, 07:00 PM
 
Location: Honolulu, Oahu
912 posts, read 1,741,514 times
Reputation: 823
True, a certificate is a file, and a file is a big set of 1's and 0's. You could call that a big number if you wanted to, but that's kinda like saying there are 223 pages in a book about certificates. Doesn't really tell the whole story.

A certificate is a type of file. The file contains information such as the encryption key, type of encryption used, Issuing Authority, domain names it is valid to be used upon, valid dates, etc. This is similar to how a Word document is a type of file that contains information such as the actual text of the document, when it was created, pictures in the document, what user created it, what version of word it was created in, when it was last saved, etc.

The Certificate contains the cryptographic/encryption key. amazon.com's key is 2048 bits in length, this is called bit depth. You can chose to have a higher or lower bit depth when you request the certificate. The higher the bit depth, the more complex the scrambling/encryption of the data. By looking at the details of the Certificate, you can see the information it contains.

Amazon's key actually looks like this:

Modulus (2048 bits):
b7 5c 95 8f c9 d9 68 5c 2b 64 13 30 b0 8a 82 49
ff 68 ab 07 b7 50 de fd 33 4d a8 cb a0 78 a8 41
bb 83 55 6b e5 41 cc f9 36 41 33 8e 71 7e 22 01
cc ab 07 3c d5 34 15 5f 66 88 66 fe e7 e4 dc 4e
00 37 32 79 a5 11 11 14 b3 3f 1f ec 65 ea f9 c1
3c cb 94 d3 ee 27 a4 46 13 4e 40 a4 f5 a2 35 87
04 ea e8 35 11 38 81 b8 5a e7 5c 95 ec d1 e8 a2
c1 c0 12 b6 68 89 27 07 3a d2 61 d0 9f 71 0d c1
b5 8e e2 b5 18 0c 66 ef 22 fb d7 2f 2a b0 46 0d
13 12 4a 15 f0 8f 65 f3 9f 32 48 3c a9 ed 2c d0
82 a8 11 4a a1 04 81 0d 2c 8b a1 ea 65 e5 88 b1
5f e1 6f 7c 28 a3 a2 52 97 2c 19 45 d7 b6 75 3f
c0 26 b8 4a 83 03 10 c8 8c 23 cc 42 75 28 66 57
05 b9 af 8b 34 60 15 20 5e eb f4 2c 8e 59 ec 18
dc 44 dd 55 ae 5c d7 be 01 73 71 66 ff 92 75 29
9a 1f 69 f1 02 be ed b9 f7 04 de e3 fd cb e6 8f

Exponent (24 bits):
65537

And just to make things more interesting, you will note that it is a HEX number. Cryptographic keys are HEX numbers.

These HEX numbers are a portion of certificate file which is really a binary number stored on a hard drive that is comprised of about 15,200,000 1's or 0's.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 05:04 AM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top