97
what if the hacker provided the public key for https connection?
(www.youtube.com)
This is a most excellent place for technology news and articles.
As others have mentioned, a trusted 3rd party signs the correct key so your browser can check the key itself.
However, it should also be noted that your browser must have a list of trusted 3rd parties and their certificates used for signing in order to perform this check. It's entirely possible to modify this list yourself. Some examples include:
So while it's possible for trusted 3rd parties to issue valid certificates to bad actors, it's also possible to add anyone (you, your employer, or some bad actors) to the trusted parties list.
Add Norton to that list. They also perform their own MITM attack on your pc to ensure your certificates are "safe"...