So when you send the CSR including the Public Key - you would send them the
(your) Private Key, also? Then they sign it with a Private Key they've
created? and send it back?
-Original Message-
From: david [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 19, 2005 2:11 AM
To: David Schwartz
Cc
Thanks to the both of you...Josh and Ken.
My questions got answered and I have a better understanding.
and now --
So - I put SSL inside an i-frame and when the user comes into my website -
accepts my certificate - from that point on all documentation sent either
back and forth is encrypted or j
me to describe exactly how it could be done
it terms of protocol specifications.
You should be prepared to produce a convincing demonstration,
in lab environment.
Maybe you'd prefer to just keep talking about that matters instead.
Please be sure that will damage your reputation
Miles Bradfor
isn't that just what i said
seeing as how you seem only to be able to address me - don't! if fact - go
away
if you were so smart - these people wouldn't keep asking the same questions
over and over and over
because they would have gotten the answers from you - obviously you're much
too good or laz
This is why in my other replies to whomever - I made the statement about how
fast all this can be done. It takes at least 3 good handshakes to get
onboard a SSL site - but, what matters the most is that
&*_*&)^&^)*_**;qwepqowifskljfas that surrounds the key - is intact and not
minus or plus one le
I will reply for you...but, I have never setup anything as you asking.
I'm sorry.
I'm sure somewhere there is a forum that can address this issue.
Maybe this is not that forum.
miles
-Original Message-
From: Silvia Gisela Pavon Velasco [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005
That's correct - that's why IBM is buying Bluecoat.
SSL is nothing to a Bluecoat. Child's play :)
-Original Message-
From: Rich Salz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 1:23 PM
To: Miles Bradford
Cc: 'openssl-users@openssl.org'
Subject: Re: simp
Yes - you are correct...if that entity that does the interception is able to
handle that key without corrupting it - and gets in to the objective server
before the real sender establishes a connection. This kind of phishing and
interception is not fast enough to do the interception, make contact a
You should go to this
site. It has an answer for just about any SSL
situation.
http://www.pseudonym.org/ssl/ssl_cook.html
But, to answer
your question - a CA is not sent back to a User - it is sent to a Host
and a User will accept that Certificate when they go to the Host's website
User a class A or B IP
If you're offsite - your 192.X.X.X probably won't work.
-Original Message-
From: Aaron P. Martinez [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 04, 2005 12:13 PM
To: openssl-users@openssl.org
Subject: validifying RSA key fingerprint
I am trying to figure out how
10 matches
Mail list logo