About Question enthuware.ocejws.v6.2.243 :

Moderators: Site Manager, fjwalraven

Post Reply
fabiolino
Posts: 25
Joined: Wed Jun 24, 2015 7:26 am
Contact:

About Question enthuware.ocejws.v6.2.243 :

Post by fabiolino » Thu Jul 09, 2015 4:35 am

I would like some clarification on sequence 3 and 4.

Code: Select all

  3) Client gets CA's certificate (with CA's public key) from the browsers TrustStore.
The client can determine whether to accept the server’s digital certificates by checking
these against its truststore. The received digital certificate is checked against a copy in the truststore. It's right?

Code: Select all

4) Client verifies signature on the Server's certificate with CA's public key.
how client verifies the signature ?

fjwalraven
Posts: 429
Joined: Tue Jul 24, 2012 2:43 am
Contact:

Re: About Question enthuware.ocejws.v6.2.243 :

Post by fjwalraven » Thu Jul 09, 2015 3:28 pm

The received digital certificate is checked against a copy in the truststore. It's right?
No, not exactly. Digital signing is based on PKI. There is a private key and a public key involved.

A Signature is created with the private key. The public key (on the receiving side) is used to decrypt the Signature so that the receiver can verify the senders server address and domain name etc.
how client verifies the signature ?
It decrypts the Signature (with the public key) and reads the information about the sending party.

You don't need a thorough understanding of this topic but you should get the basics right. Please, check and read the links that are provided in the explanation. The describe PKI and its usage well and in an easy to follow manner.

Regards,
Frits

Post Reply

Who is online

Users browsing this forum: No registered users and 8 guests