Tagged Questions
1
vote
1answer
62 views
SSL Communication and Proxy
Let us say that I have a client and a server communicating using SSL.
If a hacker sets up a proxy between the client and the server, will he be able to decrypt the data which is being sent?
0
votes
1answer
62 views
Determine the Identity of Caller
Let me explain my situation.
I have a provider which is made up of a registration page and a web service. Online vendors (clients) register with the provider by providing details such as username, ...
2
votes
1answer
39 views
Sending Digital Certificates
I used the makecert tool in order to create:
a self-signed certificate
a server certificate using the self-signed certificate
a client certificate using the self-signed certificate
I then ...
2
votes
1answer
61 views
Security Certificates - Tools to Generate Security Certificates
I want to create a self-signed certificate that will be installed as a trusted certificate authority.
I then want to create another two certificates which are signed using the private key of the ...
1
vote
1answer
75 views
The request was aborted: Could not create SSL/TLS secure channel Exception
Let me explain my situation.
I created a self-signed certificate and installed it in the Trusted Root Certification Authorities section in MMC.
I then created two certificates using the self-signed ...
8
votes
2answers
561 views
Are there really functioning quantum computers?
I saw this video on youtube on quantum computing. It says that a company called dwavesys has already made commercially available quantum computer. I checked on the website and it exists. I thought ...
2
votes
2answers
250 views
Revoked certificate validation using past times
I'm working on XAdES implementation for Java, as such I require cryptographic implementation to be able to verify certificates in the past.
Unfortunately I have problems verifying revoked ...
4
votes
1answer
56 views
Standards for CA cert revocation and time-constrained cryptographic algorithm parameters
I'm working on software that will be in use for foreseeable future (15 years+) that will need to validate XAdES-A signatures (long term archival, similar to PAdES-A, but for XML). That means, it will ...
3
votes
1answer
59 views
CMC (RFC 5272) compatible CA server
I need a CA server or any tool that supports Certificate Management over CMS (CMC) format, described in RFC 5272 (RFC 2797). I need a possibility to generate different Full PKI requests and responses ...
4
votes
2answers
179 views
Is it possible to modify a CA without having to reissue all of the derived certificates?
Background: I have my own authoritative certificate that I generated myself for signing certificates for services my friends and I use, including web server, ircd, etc. It's convenient because I ...
-1
votes
2answers
224 views
Request/Creating a Code Signing Certificate
I have need for a code signing certificate which is trusted by a CA in the windows domain. How do I request/create this certificate?
Do I have to request a code signing certificate on the ...
1
vote
2answers
157 views
Using digital signatures to identify users
Consider the following requirement:
Bob should be able to verify that a payment request came from Alice.
The above is in simple terms the basic idea, however, in reality Alice would be user A of ...
1
vote
1answer
316 views
Best Practices for Storing Digital Certificate
I'm building an application where certain sensitive files need to be digitally signed before being stored in the file system using ASN.1 encoding, so they can be verified against a digital certificate ...
6
votes
1answer
2k views
What is the actual value of a certificate fingerprint?
In a x509 digital certificate there is a "certificate fingerprint" section. It contains md5, sha1 and sha256. How are these obtained, and during the SSL connection, how are these values checked for?
4
votes
4answers
312 views
Does a CA need to have the same type of key as the certificates it is signing? RSA / Elliptic Curve (EC/ECDH/ECDSA)
I am making a CA that I hope to be able to sign RSA and Elliptic Curve-capable (EC) keys with. I was wondering if the best approach was:
CA with RSA keys capable of signing RSA and EC CSRs
CA with ...
