Objective:

Upon completion of this activity, you will be able to discuss the level of trust in certificate authorities and the use of X.509 certificates.

Student Instructions:

Review the Wikipedia page on X.509 certificates then complete the following exercises:

a. Open your web browser and locate where the certificates are stored. Choose two certificates issued by different authorities and determine: version, name of CA, expiration date, intended use and signature algorithm.

b. What is the file extension of a certificate? How do you export a certificate?

c. Look up reviews of certificate authorities on the internet. Based on these reviews name 6 certificate authorities and indicate the level of trust you have in each one. You can find some CA reviews here: SSL Certificates Reviews ( https://www.sslshopper.com/certificate-authority-reviews.html )

d. Describe two vulnerability issues with X.509 certificates.

e. Find out if an X.509 certificate has ever been forged. Describe the incident or other security incident involving certificates.

f. What is Microsoft Authenticode?

g. Visit the certlogik website and test the following tools: Cert Logik Checker ( https://certlogik.com/ssl-checker/ ) and Cert Logic Decoder ( https://certlogik.com/decoder/ ). What is the purpose of these online tools?