Jeffrey,
The short answer is neither. The client's only use of its private key is
to sign a hash of the handshake messages, one of which includes the server
random value.
_____________________________________
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_____________________________________
----- Original Message -----
From: "Jeffrey Burgoyne" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 07, 2001 9:46 AM
Subject: Question on client authentication and signing
> People;
>
> I've been asked to review a document for some PKI system which
> deals with some issues I have not come across before and was hoping
> someone could verify what I believe is true. This is more a browser/SSL
> issue than openssl, but I think I can generalize it enough.
>
> If an SSL server requires a client certificate, are all
> transmissions passed to the server encoded with the private key of the
> client, or just the initial secret key exchange? I'd assume just the
> initial key exchange from what I know of the SSL protocol.
>
> Thanks
>
> Jeffrey Burgoyne
> [EMAIL PROTECTED]
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
