> A local certification authority has issued a cert and the public is as
> below (parsed with openssl) :
>
> -----
> Modulus (1023 bit):
> 5d:10:63:d3:d8:00:2a:50:ab:65:8a:f0:92:83:b0:
> 6a:39:e3:0c:38:aa:f5:32:23:71:25:8e:4a:8d:50:
> fd:80:a3:95:59:33:27:92:88:d0:1d:28:dd:05:7c:
> b6:a0:5e:68:9e:b4:70:c9:bd:28:8a:fb:6d:95:0a:
> 38:83:f9:8d:15:b1:3a:33:bf:d7:ab:1c:5e:1b:d3:
> d6:c1:1a:f8:05:7f:ef:22:23:48:ef:48:a2:8d:99:
> 90:10:81:8a:54:dd:16:9e:7f:d0:88:a8:b7:34:68:
> be:4d:8f:dc:4b:5d:d9:72:c5:a4:88:a6:40:fa:f2:
> f7:16:79:a8:35:3d:f2:ad
> Exponent: 3 (0x3)
> -----
>
> The key pair was generated by the CA (smart-card based) and it was
> supposed to be a 1024-bit RSA key. I retrieved the certificate from the
> smart card and parsed it with openssl.
>
> I am just wondering why did openssl report it as 1023-bit?
Suppose I ask you to pick a random number between 1 and 1000. You tell
me.
I think ask someone "do you think he picked a random number between 1 and
1000 or between 1 and 500?". Half the time, the other person will say
"probably between 1 and 500". So half of the 1,024 bit random numbers fit in
1,023 bits.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
