-----BEGIN PGP SIGNED MESSAGE----- > > Fingerprint (SHA1): D2A0 9515 E9C5 6AFE BBF0 9FFF 90E0 10D0 7E45 30C9 > > Fingerprint (MD5): 431B 3720 AD4F 7FC6 C321 8DB3 41D0 DA60 > > What is the use of the fingerprints? Can they be used to verify something, > somewhere?
hi rick, the theory is that my message gives you an independent way of knowing what the fingerprints of the certificate should be. if you were a pedantically secure type of person, you might bring up (by clicking the lock icon) the certificate details of any SSL secured web page prior to submitting confidential information. upon doing so, you would like to know that the certificate details you are seeing are indeed a match for the data the site operators, which you trust, have announced as legitimate. the mathematical way of doing so would be to double check the fingerprint - the vernacular for the digital hash of the ASN.1 body of the certificate. you would probably also check that the certificate issuer is an expected entity, and that the business entity the certificate was issued to is sensible. at that point, the warm fuzzy feeling in your gut would not subside as you clicked the submit button on the form containing your well thought out non-pseudo randomly generated passphrase. :) happy holidays all, jay w. [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQEVAwUBPCCNRsyM0YPqVE7FAQHTXwf9EKXU78ZSaM7j9MmPThY8FzFt08dW90q1 pzNK/Iwnn096ZTMkQZqF9bIs7qnJI2dc0sXajV5WaXL3wL4imLTlI1pKeSHnN0gE WCI0lUQSbB+Q9pAf8CDwDempkJqPjeDoMWdYFoZMmuhOfFtvDelB3rt1d8L35pVa 8GYQelp9+7UOjh2MjPVqg1wWQOcj6ZoiFwevq5UXZNURJ/24IAfSvW1o9NQD3Jl2 y3qoE0tMblNtz+D8XOurx69bGSetmnOrg5prqMFehfkA/ZdsT9++63Daku0XZUud vUSo4874J9aHtjDo9jDDX5Typ15RYt7neGCqc3Bh4XvNQBz/KGM9hg== =oqGp -----END PGP SIGNATURE----- --- You are currently subscribed to e-gold-tech as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED]
