[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cypherpunk Certification Authority

To: [email protected]
Subject: Re: Cypherpunk Certification Authority
From: James Black <[email protected]>
Date: Sun, 26 Nov 1995 16:47:19 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

Hello,

On Sun, 26 Nov 1995 [email protected] wrote:

> > 	Its an excellent paper, well worth reading, but the basic
> > problem is that X.509 encrypts before signing.
> 
> You'd rather sign before encryption??
> 
> Doesn't that give you "known plain-text" to attack?  i.e. the signature.
> 
> I'm not sure whether it would or wouldn't, but I'm sure some
> cryptographers here might clear that up mighty quick -- before any more
> harm is allowed, I mean. 

  The paper suggested that you have two different keys, one for 
encryption and the other for signatures, and you don't mix the two up, so 
that way you are protecting yourself from someone forging your 
signature, but you are not letting them know what your private key is.
  Make sense?  I would suggest that you read the paper, as it is really 
an excellent document.

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: [email protected]
http://www.eng.usf.edu/~black/index.html
**************************************************************************

References:
- Re: Cypherpunk Certification Authority
  - From: [email protected]

Prev by Date: Re: key for Alice as promised (not)
Next by Date: Re: Junk E-Mail - Part 4
Prev by thread: Re: Cypherpunk Certification Authority
Next by thread: Re: Cypherpunk Certification Authority
Index(es):
- Date
- Thread