When I establish TLS/SSL with some server he sends me the certificate in the process. The certificate is signed by a certificate authority.
In my PC/browser I have a list of trusted certificate authorities.
Do I send the certificate to the authority or I validate it locally (checking the certificate’s signature using data stored within the certificate authority list)?
(note: if needed take the browser for the example TLS/SSL client)