On Mon, Jun 02, 2003, Wu Junwei wrote:
> Hi, Steve,
>
> Thanks for your kind answer.
>
> But I am still not very clear.
>
> In my understanding,
> I think the responder may not be the signer of the response because the CA of
> the certificate in question can sign the response itself.
>
> The public key got from the responder's certificate is X509_PUBKEY *key in
> the X509_CINF struct in the X509 struct.
> I think this public key should be the public key of the responder itself.
>
> So I still cannot understand why the signer's public key must be the public
> key of the responder.
> Especially when the CA signs the response itself.
>
> What step in my understanding do you think is wrong or not totally correct?
>
Well, let me explain it a different way. The response is always signed by a
private key. The corresponding public key (the responder's key) is contained
in a certificate (the responder's certificate). The ResponderId is used to
identify the responder's certificate.

Now the responder's certificate doesn't have to be unique. In the example of
the CA signing the response, the responder's certificate will be the CA's
certificate.

It should be noted though that the model of a CA signing the response may not
be used too much in practice because it means the responder needs access to
the CA's private key, whereas the delegated model just needs a public key
contained in a certificate signed by that CA.

Steve.
-- 
Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
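Added example, not part of the thread and not the OpenSSL project's own code: the two signing models Steve describes, exercised with a throwaway PKI through the openssl command line. It assumes OpenSSL 1.1.1 or later on PATH; the CA name, the serial numbers, the index entry and the file names are constructed for the demo. A third response is signed with an ordinary CA-issued certificate so that the verifier's rejection of a signer that is neither the CA nor a delegated responder is visible.

```shell
#!/bin/sh
# Added example, not code from the thread or the OpenSSL project: a throwaway
# PKI driven through the openssl CLI, exercising the two signing models Steve
# describes (CA signs directly; delegated responder certificate) plus one that
# must fail. Names, serials and the index line are constructed for this demo.
# Assumes OpenSSL 1.1.1 or later on PATH.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Constructed config: [req]/[dn] keep older req happy even with -subj; the v3_*
# sections are the extension profiles for the CA, a plain leaf and a responder.
cat > demo.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign,digitalSignature
subjectKeyIdentifier = hash
[v3_leaf]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = serverAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
[v3_ocsp]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = OCSPSigning
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
EOF
KEYOPTS="-newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes"

# Self-signed CA; its private key is what a "CA signs the response itself" responder uses.
openssl req -x509 -config demo.cnf -extensions v3_ca $KEYOPTS \
    -keyout ca.key -out ca.pem -subj "/CN=Demo Root CA" -days 30 2>/dev/null

# issue_cert NAME SERIAL EXTSECTION: end-entity certificate issued by the CA.
issue_cert() {
    openssl req -new -config demo.cnf $KEYOPTS -keyout "$1.key" -out "$1.csr" \
        -subj "/CN=$1" 2>/dev/null
    openssl x509 -req -in "$1.csr" -CA ca.pem -CAkey ca.key -set_serial "$2" -days 30 \
        -extfile demo.cnf -extensions "$3" -out "$1.pem" 2>/dev/null
}
issue_cert leaf 0x1001 v3_leaf   # the certificate whose status is queried
issue_cert ocsp 0x2001 v3_ocsp   # delegated responder: issued by the CA, EKU OCSPSigning

# openssl's index file: status V, expiry, empty revocation date, serial (hex), file, subject.
printf 'V\t351231235959Z\t\t1001\tunknown\t/CN=leaf\n' > index.txt

# Request for leaf's status. -no_nonce keeps the offline verify below nonce-free.
openssl ocsp -issuer ca.pem -cert leaf.pem -no_nonce -reqout req.der >/dev/null 2>&1

# make_response SIGNERCERT SIGNERKEY OUTFILE [ocsp flags]: openssl as a filter-mode
# responder; the signer certificate is embedded in the response it writes.
make_response() {
    c=$1; k=$2; o=$3; shift 3
    openssl ocsp -index index.txt -CA ca.pem -rsigner "$c" -rkey "$k" \
        -reqin req.der -respout "$o" -noverify "$@" >/dev/null 2>&1
}
make_response ca.pem ca.key resp-ca.der                          # model 1: the CA signs
make_response ocsp.pem ocsp.key resp-delegated.der -resp_key_id  # model 2: delegated, ResponderId byKey
make_response leaf.pem leaf.key resp-rogue.der                   # CA-issued, but no OCSPSigning EKU

# verify_response RESPFILE [ocsp flags]: prints "<OK|FAIL> <cert status> <ResponderId>".
# The verifier locates the signer by ResponderId among the embedded certificates, checks
# the signature, then requires the signer to be the issuing CA or a delegated responder.
verify_response() {
    r=$1; shift
    out=$(openssl ocsp -respin "$r" -CAfile ca.pem -issuer ca.pem -cert leaf.pem \
        -no_nonce -resp_text "$@" 2>&1 || true)
    case $out in *"Response verify OK"*) v=OK ;; *) v=FAIL ;; esac
    st=$(printf '%s\n' "$out" | sed -n 's/^leaf\.pem: //p')
    rid=$(printf '%s\n' "$out" | sed -n 's/^ *Responder Id: //p')
    printf '%s %s %s\n' "$v" "${st:-none}" "${rid:-none}"
}

verify_response resp-ca.der                  # OK good, ResponderId is the CA's subject name
verify_response resp-delegated.der           # OK good, ResponderId is 40 hex chars (key hash)
verify_response resp-rogue.der -no_explicit  # FAIL: signer is neither the CA nor OCSPSigning
```

With -resp_key_id the ResponderId takes the byKey form (SHA-1 of the responder's public key) instead of the subject name; either form is what the verifier uses to pick the signer certificate out of the response before checking the signature. The failing check passes -no_explicit so that its outcome depends only on the responder certificate and not on any OCSP-signing trust settings attached to the root in the store.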