what if the hacker provided the public key for https connection? - eviltoast

So this video explains how https works. What I don’t get is what if a hacker in the middle pretended to be the server and provided me with the box and the public key. wouldn’t he be able to decrypt the message with his private key? I’m not a tech expert, but just curious and trying to learn.

  • mox@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    6 months ago

    Misbehaving or even simple errors are reasons for getting kicked out,

    That can be helpful if a transgression is noticed, and it’s not orchestrated by a higher authority (e.g. government), and the damage isn’t already done.

    browser builders are rather strict on the presence of the CAs they trust.

    Of course, browser builders are vulnerable to influence, attack, accidents, questionable judgment, and blind spots just as certificate authorities are.