A certificate consists of a public key and information about the owner (e. g. the name of a person or server).

learn more… | top users | synonyms

2
votes
2answers
100 views

Can we design a public-key infrastructure without certificate authorities?

In a recent essay, Bruce Schneier tasks the engineering community with redesigning and rebuilding the vulnerable parts of the Internet's backbone. We need to figure out how to re-engineer the ...
3
votes
2answers
122 views

Can S/MIME be still considered secure?

Previoulsy I had asked this question at http://stackoverflow.com/questions/18235983/can-s-mime-be-still-considered-secure but I feel this forum is topic-wise the right place. Recently there has been ...
1
vote
0answers
19 views

Requirements for qualified certificates in DIRECTIVE 1999/93/EC [migrated]

DIRECTIVE 1999/93/EC at ANNEX I Requirements for qualified certificates states that one requirement for qualified certificates is ...
1
vote
0answers
16 views

What is the meaning of http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/SvcInfoExt/RootCA-QC from ETSI TS 102 231 V3.1.2 [migrated]

From Technical Spec http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/SvcInfoExt/RootCA-QC a Root Certification Authority from which a certification path can be established down to ...
0
votes
1answer
65 views

How does certificate-based encryption solve key revocation problem?

How does certificate-based encryption solve key revocation problem? For example, if a user accidentally reveals its secret key or an attacker compromises it, the user may request revocation of its ...
0
votes
0answers
51 views

How is SSL secure from rogue Certificate Authorities?

There's one thing that I've never quite understood about SSL (which perhaps means I don't understand SSL at all): how is SSL secure from rogue Certificate Authorities? This is probably best ...
5
votes
3answers
1k views

Recommended skills for a job in cryptology

First let me apologize if this is an ill posed question. Let me also note that I do not in any way seek a comprehensive answer, simply your thoughts on what makes for a valuable asset to a company ...
0
votes
1answer
56 views

Certificate == signed public key

For primes p and q used to create a keypair, I understand that the following operation is used to create a signature :- M ^ d (mod N) where d and N have their usual meanings and M is the message. In ...
4
votes
1answer
135 views

Client and server using same SSL certificate - any issues?

I'm working on software where multiple components will communicate with each other using SSL. There would be one central component acting as a server, which would also require the clients to present ...
2
votes
1answer
163 views

Generate an insecure public / private key pair

I am looking for a way to generate an "insecure" public key pair. and by insecure I actually mean a pair that is breakable using brute-force (or other encryption) methods. As far as I know PGP ...
2
votes
0answers
145 views

Creating colliding x509 certificates: Crafting RSA moduli step

I am trying to generate 2 x509 certificates with the same signature but different values in the common name field, based on md5 collisions, as it was specified in this paper (page 7). Now I have ...
1
vote
0answers
49 views

How to create a public-key certificate for RSA Web of trust?

How to create a public-key certificate for RSA Web of trust? I have (for exemple) two public / private key pair (obviously). They all need to sign each other certificate. How to create the ...
1
vote
1answer
254 views

How does a client verify a server certificate?

As far as I know, when I request a certificate from Verisign (for example), and after they approved that me is me, they create a certificate (for me) which contains the digital signature and public ...
0
votes
1answer
118 views

Digital Certificate Chain Verification

Does a certificate contain the complete chain of all certificates up to the trusted root certificate, or does the program that verifies certificates have to fetch each parent certificate individually ...
2
votes
4answers
212 views

Signature and Timestamp for Long Term Document Archival Question

I have a PDF document intended for long-term (many years, maybe decades) archival which I would like to digitally sign with my personal certificate to ensure its integrity. As far as I understand, I ...

15 30 50 per page