Why do we need public key certificates in SSL/TLS

lopidas

Why do we need public key certificates in SSL/TLS

Post by lopidas »

I am not sure why we need certificates.
Here is the only thing I found:
in case of theft of a private key, it can be marked as stolen.

What are other reasons?

Edit: in SSL/TLS.
Last edited by lopidas on Thu Jan 02, 2014 7:41 am, edited 2 times in total.
Love4Boobies

Re: Why do we need public key certificates

Post by Love4Boobies »

Certificates have nothing to do with stolen private keys (what you're talking about makes me think about DRM protection schemes, though). The idea is that you sign a certificate using a secret function in order to prove its authenticity to others, just as you would sign a document in the real world. You can sign documents, e-mails, even Web servers (this is part of how HTTPS works, otherwise it would be vulnerable to MITM attacks).
"Computers in the future may weigh no more than 1.5 tons.", Popular Mechanics (1949)
[ Project UDI ]
lopidas

Re: Why do we need public key certificates

Post by lopidas »

I said it badly: why do we need it in the case of SSL/TLS?
Love4Boobies

Re: Why do we need public key certificates

Post by Love4Boobies »

In asymmetric crypto, Alice and Bob start with two keys each: a private and a public one. Now, suppose there is an eavesdropper, Chuck, who can only look but not touch. In order to decrypt ciphertexts, Alice would combine her private key and Bob's public key and Bob would do the opposite. They can safely exchange these over the network, since Chuck can't do anything useful with two public keys.

Now, imagine Chuck is a proxy. If Alice sends her public key to Bob through Chuck, Chuck can just store that key and generate a whole new one for Bob. He would then do the same with Bob's public key. He would use his own private keys to decipher the incoming traffic, perhaps tamper with it, and encrypt it again before sending it off to the other party.

Certificates are used to solve this problem since digital signatures (which, again, are functions) are generated using public keys as input. When the packets come home, Alice can find out whether there is a man in the middle (MITM) or not. In particular, signatures must be checked against trusted certificates (which the OS, browser, etc. has a database of).
"Computers in the future may weigh no more than 1.5 tons.", Popular Mechanics (1949)
[ Project UDI ]
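
Added example, not part of the original posts: a sketch of the key-substitution problem described in the post above and of how a certificate check catches it, where a signer that Alice already trusts binds a name to a public key. It uses toy textbook RSA over small constructed primes (not secure), and the helper names, the `bob.example` name and the certificate layout are assumptions made for the illustration, not the TLS wire format.

```python
import hashlib

# Toy textbook RSA over small Mersenne primes: constructed for illustration, NOT secure.
def make_key(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}

def digest(name, pub, n):
    # Hash of the binding "this name owns this public key", reduced mod the signer's n.
    data = f"{name}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue_cert(signer, name, pub):
    n, d = signer["priv"]
    return {"name": name, "pub": pub, "sig": pow(digest(name, pub, n), d, n)}

def verify_cert(cert, expected_name, trusted_pub):
    n, e = trusted_pub
    return (cert["name"] == expected_name
            and pow(cert["sig"], e, n) == digest(cert["name"], cert["pub"], n))

def accepted_key(offer, expected_name, trusted_pub=None):
    """Key the client ends up using for the peer, or None if it aborts."""
    if trusted_pub is None:              # bare key exchange: nothing to check
        return offer["pub"]
    return offer["pub"] if verify_cert(offer, expected_name, trusted_pub) else None

CA = make_key(2**127 - 1, 2**107 - 1)    # its public half is in Alice's trust store
BOB = make_key(2**89 - 1, 2**61 - 1)
CHUCK = make_key(2**31 - 1, 2**19 - 1)   # the proxy's own key pair
BOB_CERT = issue_cert(CA, "bob.example", BOB["pub"])

def scenarios():
    swapped = dict(BOB_CERT, pub=CHUCK["pub"])                   # genuine cert, key replaced
    self_made = issue_cert(CHUCK, "bob.example", CHUCK["pub"])   # signed by Chuck, not the CA
    return {
        "bare key via proxy": accepted_key({"pub": CHUCK["pub"]}, "bob.example"),
        "genuine cert": accepted_key(BOB_CERT, "bob.example", CA["pub"]),
        "key swapped in cert": accepted_key(swapped, "bob.example", CA["pub"]),
        "self-made cert": accepted_key(self_made, "bob.example", CA["pub"]),
    }

if __name__ == "__main__":
    for case, key in scenarios().items():
        print(f"{case:22} -> {'REJECTED' if key is None else 'uses key n=' + hex(key[0])[:14]}")
```

Without a certificate the client silently ends up with the proxy's key; with one, any key it did not get from the trusted signer's binding is rejected.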
lopidas

Re: Why do we need public key certificates in SSL/TLS

Post by lopidas »

Thank you. :D