Certificates
As we learned earlier, certificates are public keys that are signed by a certificate authority or CA as a sign of trust. We covered TLS server certificates but there can also be client certificates. These operate very similarly to server certificates but are presented by clients and allow servers to authenticate and verify clients
In order to issue client certificates, an organization must setup and maintain CA infrastructure to issue and sign certificates.
Certificate authentication is like presenting identification at the airport, you show your ID or your certificate to prove who you are. The ID is checked to see if it was issued by an authority that is trusted by the verifier.
Certificate Revocation List (CRL): A means to distribute a list of certificates that are no longer valid