Re: RE: Re: simple question again

2005-05-18 Thread Ragnar Paulson
> > Ok, so if it is not a problem if the cetifiacte is intercepted, how to "prove > that you are the party the certificate was issued to by demonstrating > possession of the private key " ? > Is it a special configuration the VPN ? > > thx > david > You now have a public key, anything you enc

Re: RE: Re: simple question again

2005-05-18 Thread david
  > A certificate essentially says something like "I am Verisign, and I certify > that Joe Schmoe is the rightful owner of the private key whose corresponding > public key is X". > > The certificate itself is generally considered public information and it is > not a problem if the certificate is

RE: Re: simple question again

2005-05-17 Thread Miles Bradford
sage- From: David Schwartz [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 17, 2005 4:22 PM To: openssl-users@openssl.org Subject: RE: Re: simple question again > This is why in my other replies to whomever - I made the > statement about how > fast all this can be done. It takes at l

RE: Re: simple question again

2005-05-17 Thread David Schwartz
> This is why in my other replies to whomever - I made the > statement about how > fast all this can be done. It takes at least 3 good handshakes to get > onboard a SSL site - but, what matters the most is that > &*_*&)^&^)*_**;qwepqowifskljfas that surrounds the key - is intact and not > minus o

RE: Re: simple question again

2005-05-17 Thread Miles Bradford
PM To: openssl-users@openssl.org Subject: RE: Re: simple question again > > > if somebody intercepts the certificate while it is in transit > > > on the network, this person can use this certificate ? > > If you have a certificate you can verify something that's been

RE: Re: simple question again

2005-05-17 Thread David Schwartz
> > > if somebody intercepts the certificate while it is in transit > > > on the network, this person can use this certificate ? > > If you have a certificate you can verify something that's been signed > > with the private key, or you can encrypt something so that only the > > holder of the priv

RE: Re: simple question again

2005-05-17 Thread Miles Bradford
much a non-happening event. -Original Message- From: david [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 17, 2005 9:23 AM To: Rich Salz Cc: openssl-users@openssl.org Subject: Re: Re: simple question again > > if somebody intercepts the certificate while it is in transit on the network

Re: Re: simple question again

2005-05-17 Thread david
> > if somebody intercepts the certificate while it is in transit on the > > network, this person can use this certificate ? > > If you have a certificate you can verify something that's been signed > with the private key, or you can encrypt something so that only the > holder of the private k

Re: Re: simple question again

2005-05-17 Thread david
Ok, if somebody intercepts the certificate while it is in transit on the network, this person can use this certificate ? How a CA knows that the certificate is used by the good user or not in this case ? > De: Rich Salz <[EMAIL PROTECTED]> > A: david <[EMAIL PROTECTED]> > Objet: Re: