Hello again! I've got a question about HTTPS encryption:
I've read about unilateral and bilateral authentication, it means:
Unilateral authentication: Only the server gives a certificate.
Biltareal authentication: Both client and server give their certificate.
In case of unilateral, does it mean too that only the client shows its public key? If it were so, the server couldn't encrypt its responses and every eavesdropper could read the data going from the server to the client. That can't be true, so, how does it work? Is it that server has to give a certificate and a public key but client only needs to give a public key? If it were so, server would never know the validity of client public key... yes, I know it's nothing so important anyway
In fact what I'd like to be sure is what to answer in the SCEA5 part 1 exam.
Thanks!