-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nicolas,
On 12/4/17 2:20 PM, Nicolas Therrien wrote: > " Asymmetric encryption uses a public and a >> private encryption key. The public key, which as its name >> states, is public, i.e. it is available to all. The private key >> is and must be closely guarded. A message encrypted with the >> private key can be decrypted by the public key and vis-a-versa." > > This is not true. > > The principle of asymmetric encryption is based on the fact that > this is a one-way communication channel. Only the public key can > encrypt data, and only the private key can decrypt data.> This is > not reversible. The private key cannot be used to encrypt and the > public key cannot be used to decrypt. While you are right that "this is not reversible" you are incorrect that the private key cannot be used to encrypt. In fact, the private key MUST be used to encrypt. This is the foundation of the TLS handshake . > This is why it is called asymmetric, as opposed to symmetric where > both ends can both encrypt and decrypt. No, it's called asymmetric because there are two keys involved instead of a single key. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlolojsACgkQHPApP6U8 pFiG4Q/9Hd+pIZgD8OOGVwhuBxPJIttzdSrypDwNVbecz9K4PjBR0ECSc5eiwteb TLn4lbI5Rgrf0DkCnUa8mdc4Ej3ZMpUBpWCJztk9dMHgRBNQgZ0xzq3M2eTmmpI2 Pk7dDpp0H5m2dDASbCYOYe2q/i8FP2VxJuqa0cg0gVLkonEusU2WgfkoAB6uNDCQ imiEjK5KoqNlZCK5AZJzmEE0ekD/R1d+JmOMjteDwtk9yF5JFJIFf9mYrRbsUz1U ViEpWlQ9U0NbJ4wk7zboSjkzgUJdigNCzpHkqGa7aAwJM+yNEIbYw4Ipe1csdI9K R7rzvoqx9bgb1U3LS5SO81nzlhCM7/8jVWYp4uIT6FqotAJcufUZ8tGgPzRV7WAe ofrdBkn8UOY0A7P6yQ5KVkx2ADbenVQBCAzwrjhsBKdzG63bloyrwtOcyQ3evXR0 59zpAnNVz4fwebXAeO0MatKjfJbpWYEPUFBXW2L/++Zw1tUDcxn2exdvwzrN1QLz Q2oFgX3vrc7zl5USTYoE/rtfomG94vwMjYPsILBE/E95gLazfTFszZ6PmOGonFEP SZ0IBsqdYpC/mvJ0yNK3yukS2XYFIR03+dujSGkOVeHZqNe7EDhZWztJxCpX+yaE H9DcNR2nU79pT8LjKwkvq8r2JNOVPtLEa3qBGWLqmq47u6Wx5OQ= =HcjO -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
