but how is that possible? that even the CA cannot track you?
That's not really possible to explain in this space, unfortunately, but the overall idea is that there are mathematical techniques that allow you to prove that you have a valid certificate without revealing which one it is.
That's not really possible to explain in this space, unfortunately, but the overall idea is that there are mathematical techniques that allow you to prove that you have a valid certificate without revealing which one it is.