LITIGATION SUPPORT TIP OF THE NIGHT

Last night's Tip discussed the use of certificate authorities to authenticate web site owners, and encrypt communications. Certificate authorities do not remain valid indefinitely. Expired certificates will generate an error message. Certificate authorities that have been revoked for some other reason will be put on a Certificate Revocation List (CRL). This is an example of an error message you'll see in a browser if a CA has been put on a CRL.

Some CAs on a CRL will only be on hold, and are not necessarily permanently revoked.

Digital certificates will be placed on a CRL when public keys have been compromised, a certificate is believed to be a fake, the issuer of the CA is compromised, or a web site owner no longer owns a server or domain name.

Certificate authorities prepare digital certificates to associate public keys with entities that a user communicates with using the secure HTTPS protocol in a web browser. The key is used by the browser to encrypt data transmitted by users to the servers of the entity owning the web site. In order to prevent the transmission from being hacked by someone pretending to be the trusted entity, the user's browser checks the certificate and the public key it receives against public keys received from the certificate authority.

In Chrome you can find a list of the certificate authorities it uses under Settings . . . Privacy and security . . . Security . . . Manage certificates . . . on the Trusted Root Certification Authorities tab.

IdenTrust, Comodo (Sectigo), VeriSign, DigiCert and GoDaddy are some of the most widely used certificate authorities.

Note that It is possible to import a certificate authority into your web browser.

The Tip of the Night for February 9, 2018, discussed how you can easily look up the default password for a router. After receiving a new router, it is imperative that the default password be changed. In order to do this, in a web browser enter the IP address associated with the router, and access your account using the default user name and password. In order to find this IP address, in command prompt enter: ipconfig

At the end of the data generated by this command will be an IP address listed as the default gateway. This is the address of the site where your router's password can be reset.

Often the default password for a router will be printed on the back of the router. Obviously leaving your password set to this is not wise. If someone gains control of your router, they can execute a pharming attack. A pharming attack will re-direct your internet traffic to a different DNS server (domain name server) that will translate web address names into the IP addresses of sites set up for malicious purposes.

It is possible to have a computer direct traffic directly to a DNS, rather than through a router, and thus avoid the problems which come from having a compromised router. Note that the router password is different from a wifi password. A home network, or local work network should have one of each.