What does the SSL/TLS certificate prove about a website?

• A. The certificate proves malware-free.
• B. The identity of the user.
• C. The certificate proves that 'writing302.org' and its associated encryption key are both owned by the same entity.
• D. The website uses HTTP.

Answer: (C)

SSL/TLS certificates bind a domain name to a public encryption key and are issued only after someone proves they control that domain. When a certificate is presented, the browser checks that the domain in the certificate matches the site you’re visiting and that the certificate is signed by a trusted authority. This creates a trusted link: the domain and the public key are owned by the same entity, so the site can use the corresponding private key to establish encrypted communication with you.

This doesn’t guarantee that the site is malware-free, nor does it identify who you are as a user. It also doesn’t by itself state that the site uses HTTP; a certificate enables HTTPS (TLS), which is the secure version of HTTP.