Adam Back writes:
>Is there a possibility with RSA-RSA ciphersuite to have a certified RSA
>signing key, but that key is used to sign an RS key negotiation?
Yes, but not in the way you want. This is what the 1990s-vintage RSA export
ciphersuites did, but they were designed so you couldn't use t
On 25/09/13 13:25, Adam Back wrote:
On Wed, Sep 25, 2013 at 11:59:50PM +1200, Peter Gutmann wrote:
Something that can "sign a new RSA-2048 sub-certificate" is called a
CA. For
a browser, it'll have to be a trusted CA. What I was asking you to
explain is
how the browsers are going to deal with