Re: Naive

• To: Vassilis Risopoulos <risopoul@informatik.uni-hamburg.de>
• Subject: Re: Naive
• From: timd@consensus.com (Tim Dierks)
• Date: Wed, 26 Jun 1996 16:53:00 -0700
• Cc: www-security@ns2.rutgers.edu

At 16:54 6/26/96, Vassilis Risopoulos wrote:
>This is going to sound naive I know and it probably is, but I need to get
>it clear.
>A "signed" certificate is encrypted right?
>I mean all the X.509 stuff that are in the certificate just get encrypted
>by the CA
>and then the client has to have the public key of the CA to get them?
>Or, everything is in the clear and the signature that comes in the end is
>a kind of CRC
>to check the whole thing?

The latter is correct; the certificate is in the clear, and a hash of the
certificate is encrypted using the private key of the CA; it can then be
verified with the public key of the CA.

 - Tim

Tim Dierks  --  timd@consensus.com  --  www.consensus.com
Head of Thing-u-ma-jig Engineering, Consensus Development

• Previous: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl
• Next: Re: Need a Security Consultant
• Index(es):
  • Index
  • Thread