Bonjour, > Le 9 sept. 2015 à 14:17, Georgi Guninski <gunin...@guninski.com> a écrit : > > On Wed, Sep 09, 2015 at 12:07:43PM +0000, Viktor Dukhovni wrote: >>> >>> Are you saying I can't sign the cert with another cert >>> (the pubkey is easy to extract from the cert) with openssl? >> >> If you control a trusted root CA, or an intermediate CA issued >> (possibly indirectly) by a trusted root CA, you can sign anything >> you want and it will be trusted. The fact that malfeasant CAs can >> compromise security is not new. >> >> If you don't control a trusted CA, what significance would such a >> signature carry? Yes, most certificates (sometimes constrained by >> KeyUsage) can be used for signing, but unless "CA=true", they can't >> be used to sign other certificates that will be trusted by peers. >> > > I am gonna leave this list very soon. > > Feel free to CC me with answer: > > If I am CA and sign cert requests with vanilla openssl, > will I sign a composite $q$?
If you’re a CA and sign cert requests, you’re responsible to check the public key you’re signing. You could also sign an RSA key with e=1 or a dumb modulus, and it’s not a backdoor in RSA or OpenSSL. _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users