On Fri, Aug 26, 2022 at 01:28:21PM -0700, radiatejava wrote:
> >> and then the same ECDSA key verified by the CA to sign a hash over the
> >> transcript of the handshake itself
>
> Which part of the TLS handshake you are talking about? Are you talking
> about the three messages from the client to
>> and then the same ECDSA key verified by the CA to sign a hash over the
>> transcript of the handshake itself
Which part of the TLS handshake you are talking about? Are you talking
about the three messages from the client to server messages that are -
ClientKeyExchange, ChangeCipherSpec, ClientF
I'll give it a try.
The Certification Authority (CA) that released the certificate has an RSA
key. That was used to generate the signature in the cert, that tells users
that the CA verified the Certificate Subject identity and that they hold
the secret key associated with the Subject's Public Key.
I am a bit confused when an RSA signed ECDSA certificate is being used in TLS.
For example, if you run the test for facebook.com, you will see that
the certificate has ECDSA key but signed with Signature Algorithm:
sha256WithRSAEncryption.
$ openssl s_client -connect www.facebook.com:443
The ci