Hi,

With PKI, the CA attaches a signature to the identity certificate. The signature is the hash of the certificate, which is then encrypted with this CA's public key.

Can someone please let me know which key is used to derive the hash? Let's say there are two peers, A and B. Both of them have got a certificate from a CA. Now, if they want to establish a VPN connection with the digital certificates, they send across their certificates. Now let's say peer A is sending its certificate to peer B. Peer B takes the signature and decrypts it using peer A's public key that was present in the certificate. After decryption, the hash is taken. Now peer B creates the hash of the certificate on its own and compares it with the hash that it got after decryption. If both match, then peer A is authenticated.

Can you please let me know which key peer B is using for hashing? The hash algorithm can be found in the certificate, but from where will peer B get the key? Also, the CA should have used the same key, as it was the one that created the original hash for the signature. My question here is: how did peer B get the key from the CA server for hashing?

With regards,
Kings
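As an added illustration that is not part of the original post: a minimal Python sketch of where keys enter certificate signing and checking, in which the digest takes no key, the CA applies its private key to the digest, and the relying peer checks the result with the CA's public key. It assumes textbook RSA without padding over a constructed toy key (real certificates use PKCS#1 v1.5 or PSS padding over the DER-encoded body); the certificate bytes, key values and function names are all hypothetical.

```python
import hashlib

# Toy CA key (constructed): textbook RSA over two well-known Mersenne primes.
# Real CAs use random primes and PKCS#1 v1.5 or PSS padding.
P, Q = 2**521 - 1, 2**607 - 1
CA_PUB = (65537, P * Q)                        # public: shipped in the CA certificate
CA_PRIV = pow(65537, -1, (P - 1) * (Q - 1))    # private: never leaves the CA

# Peer A's own public key (constructed); it sits inside A's certificate body.
PEER_A_PUB = (65537, (2**521 - 1) * (2**1279 - 1))

# Constructed stand-in for the signed portion of peer A's certificate.
CERT_BODY = b"subject=CN=peerA.example;issuer=CN=Example-CA;sigalg=sha256WithRSA"


def digest(body: bytes) -> int:
    """Unkeyed SHA-256: CA and peer B compute the same value with no secret."""
    return int.from_bytes(hashlib.sha256(body).digest(), "big")


def ca_sign(body: bytes) -> int:
    """CA side: apply the CA private key to the digest."""
    return pow(digest(body), CA_PRIV, CA_PUB[1])


def peer_verify(body: bytes, signature: int, pub=CA_PUB) -> bool:
    """Peer B side: recover the digest with a public key and compare."""
    e, n = pub
    return pow(signature, e, n) == digest(body)


SIGNATURE = ca_sign(CERT_BODY)

if __name__ == "__main__":
    print("verified with CA public key:    ", peer_verify(CERT_BODY, SIGNATURE))
    print("verified with peer A public key:", peer_verify(CERT_BODY, SIGNATURE, PEER_A_PUB))
    print("tampered body, CA public key:   ", peer_verify(CERT_BODY + b"x", SIGNATURE))
```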
