El hallabi-Kettani Abderrahmane wrote:
--- Alok <[EMAIL PROTECTED]> a écrit :
I think there is a reason why you cant encrypt a
message without 1st signing it using smime
By your logic, any preshared "key" would do the
trick , why bother with the cert ?
(in other words, hiscert or mycert, if all you are
doing is using it as a key to some encoder, why bother with certs)??
the utility of the certificat is to avoid the middle men attack, so you have a public key(encryption) certified . the use of the smime is compulsory if we want to have a PKCS7 format, for example Signed and envelopped data .
formatting data apart, say I am sending him an smime email
i 1st sign it, then attach my cert, then encrypt with mycert /hiscert
if that is indeed what I am doing then both "hiscert" and "mycert" is public knowledge right? it is "public cert"?
So any man in the middle would be able to get the data if he either knows "mycert" or "hiscert",which is our pub cert and hence everyone would know it correct?
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
