dual-use digital signature vulnerabilityastiglic at okiok.com

[Peter Gutmann]

"Sean W. Smith" <sws at cs.dartmouth.edu> writes:

>I would have thought that de facto standard approach is: the client
>constructs the certificate request message, which contains things like the
>public key and identifying info, and signs it.  The CA then checks the
>signature against the public key in the message.

A depressing number of CAs generate the private key themselves and mail out to
the client.  This is another type of PoP, the CA knows the client has the
private key because they've generated it for them.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com