A certificate consists of a public key and information about the owner (e.g. the name of a person or server).
2
votes
2 answers
100 views
Can we design a public-key infrastructure without certificate authorities?
In a recent essay, Bruce Schneier tasks the engineering community with redesigning and rebuilding the vulnerable parts of the Internet's backbone.
We need to figure out how to re-engineer the ...
3
votes
2 answers
122 views
Can S/MIME be still considered secure?
Previously I had asked this question at http://stackoverflow.com/questions/18235983/can-s-mime-be-still-considered-secure but I feel this forum is topic-wise the right place.
Recently there has been ...
1
vote
0 answers
19 views
Requirements for qualified certificates in DIRECTIVE 1999/93/EC [migrated]
DIRECTIVE 1999/93/EC at ANNEX I Requirements for qualified certificates states that one requirement for qualified certificates is
...
1
vote
0 answers
16 views
What is the meaning of http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/SvcInfoExt/RootCA-QC from ETSI TS 102 231 V3.1.2 [migrated]
From Technical Spec
http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/SvcInfoExt/RootCA-QC
a Root Certification Authority from which a certification path can be
established down to ...
0
votes
1 answer
65 views
How does certificate-based encryption solve key revocation problem?
How does certificate-based encryption solve key revocation problem?
For example, if a user accidentally reveals its secret key or an attacker compromises it, the user may request revocation of its ...
0
votes
0 answers
51 views
How is SSL secure from rogue Certificate Authorities?
There's one thing that I've never quite understood about SSL (which perhaps means I don't understand SSL at all): how is SSL secure from rogue Certificate Authorities?
This is probably best ...
5
votes
3 answers
1k views
Recommended skills for a job in cryptology
First let me apologize if this is an ill posed question. Let me also note that I do not in any way seek a comprehensive answer, simply your thoughts on what makes for a valuable asset to a company ...
0
votes
1 answer
56 views
Certificate == signed public key
For primes p and q used to create a keypair, I understand that the following operation is used to create a signature :-
M ^ d (mod N)
where d and N have their usual meanings and M is the message. In ...
4
votes
1 answer
135 views
Client and server using same SSL certificate - any issues?
I'm working on software where multiple components will communicate with each other using SSL.
There would be one central component acting as a server, which would also require the clients to present ...
2
votes
1 answer
163 views
Generate an insecure public / private key pair
I am looking for a way to generate an "insecure" public key pair, and by insecure I actually mean a pair that is breakable using brute-force (or other encryption) methods.
As far as I know PGP ...
2
votes
0 answers
145 views
Creating colliding x509 certificates: Crafting RSA moduli step
I am trying to generate 2 x509 certificates with the same signature but different values in the common name field, based on md5 collisions, as it was specified in this paper (page 7).
Now I have ...
1
vote
0 answers
49 views
How to create a public-key certificate for RSA Web of trust?
How to create a public-key certificate for RSA Web of trust?
I have (for example) two public / private key pairs (obviously).
They all need to sign each other's certificate.
How to create the ...
1
vote
1 answer
254 views
How does a client verify a server certificate?
As far as I know,
when I request a certificate from Verisign (for example), and after they approved that me is me, they create a certificate (for me) which contains the digital signature and public ...
0
votes
1 answer
118 views
Digital Certificate Chain Verification
Does a certificate contain the complete chain of all certificates up to the trusted root certificate, or does the program that verifies certificates have to fetch each parent certificate individually ...
2
votes
4 answers
212 views
Signature and Timestamp for Long Term Document Archival Question
I have a PDF document intended for long-term (many years, maybe decades) archival which I would like to digitally sign with my personal certificate to ensure its integrity.
As far as I understand, I ...