begin quoting [EMAIL PROTECTED] as of Mon, Sep 01, 2008 at 12:27:31PM -0700: > On Sat, Aug 30, 2008 at 03:57:29PM -0700, SJS wrote: > > If the server doesn't have the private key, how can it compute the > > signature in order to hash it? > > I was responding to a model where the private key is on the fob. >
Yes, I know. Fob encrypts hash with private key -- that's your digital signature -- and then you hash *that* to get the short string to send to the server. That's what you suggested, yes? How does the server determine if that short string is the correct one or not? -- The point of digital signatures is that I can't create 'em with the public key. Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
