On Wed, Jul 23, 2003, Dan Kendall wrote:

> Hi,
>
> I'm a newcomer to this crypto business and maybe I'm a little confused... I
> don't want to hijack this conversation but surely somebody from evil.bar.com
> could provide a certificate signed by a trusted party for example.foo.com.
> After all, the certificate is public right? So something else, be it DNS
> related or otherwise, must be needed to make sure the connection is sound.
> Is it not common practice to do a test encryption, thereby ensuring the
> 'other end' has a private key to match the public key in the certificate?
>
> Again, apologies for interrupting but I am now quite confused,
>

The way the SSL/TLS handshake works means that it will fail if the server does not have access to the private key corresponding to the certificate it claims to be its own. In one case the client sends some data (the premaster secret) encrypted using the server's certified public key and both sides derive various session keys based on it. If the server cannot decrypt this data it can't derive the session keys and the handshake fails.

Steve.
--
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
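
The proof of possession described in the reply above, as an added example that is not part of the original thread or of OpenSSL: a simplified Python model of the RSA key exchange, in which textbook RSA over constructed Mersenne-prime keys and HMAC-SHA256 stand in for PKCS#1 padding, the TLS PRF and the Finished message. All function and variable names are assumptions of this sketch.

```python
import hashlib, hmac, secrets

def make_key(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed keys from Mersenne primes; real certificates use 2048+ bit keys.
CERT_PUB, SERVER_PRIV = make_key(2**127 - 1, 2**107 - 1)  # example.foo.com
_, IMPOSTOR_PRIV = make_key(2**89 - 1, 2**61 - 1)         # evil.bar.com's own key

def derive_master(premaster: int, client_random: bytes) -> bytes:
    # Stand-in for the TLS PRF: mix the premaster secret with the client nonce.
    key = premaster.to_bytes(32, "big")
    return hmac.new(key, client_random, hashlib.sha256).digest()

def finished(master: bytes, transcript: bytes) -> bytes:
    # Stand-in for the Finished message: a MAC over the handshake so far.
    return hmac.new(master, b"server finished" + transcript, hashlib.sha256).digest()

def server_respond(priv, client_random: bytes, encrypted_pms: int) -> bytes:
    n, d = priv
    premaster = pow(encrypted_pms, d, n)  # only correct with the matching key
    transcript = client_random + encrypted_pms.to_bytes(32, "big")
    return finished(derive_master(premaster, client_random), transcript)

def client_handshake(cert_pub, peer_priv) -> bool:
    """Return True if the peer proves it holds the certificate's private key."""
    n, e = cert_pub
    client_random = secrets.token_bytes(32)
    premaster = (1 << 119) | secrets.randbits(119)  # fresh secret, smaller than n
    encrypted_pms = pow(premaster, e, n)            # encrypt to the certified key
    reply = server_respond(peer_priv, client_random, encrypted_pms)
    transcript = client_random + encrypted_pms.to_bytes(32, "big")
    expected = finished(derive_master(premaster, client_random), transcript)
    return hmac.compare_digest(reply, expected)

if __name__ == "__main__":
    print("genuine server:", client_handshake(CERT_PUB, SERVER_PRIV))
    print("copied certificate, wrong key:", client_handshake(CERT_PUB, IMPOSTOR_PRIV))
```

The peer that presents the public certificate without the matching private key recovers a different premaster value, so its Finished MAC does not verify and the client aborts.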