On 5/04/2018 11:54 PM, Paul Gilmartin wrote:
I believe so but, answering Andrew's question, the signature on messages he sends is encrypted using Andrew's private key which he does not disclose even to the CA. The recipient verifies the signature using the public key obtained from the CA.
Not quite - the recipient verifies the signature using my public key, provided by me in the certificate.
They verify that the certificate I provide is genuine by checking the certificate signature using the public key from the CA.
-- Andrew Rowley Black Hill Software +61 413 302 386 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
