On Wed, 4 Apr 2018 21:20:48 -0700, Charles Mills wrote: >I guess you would call that "issuing a certificate." > >Certificates -- the entire certificate -- are signed. They include a public >key. > I believe so but, answering Andrew's question, the signature on messages he sends is encrypted using Andrew's private key which he does not disclose even to the CA. The recipient verifies the signature using the public key obtained from the CA.
>-----Original Message----- >From: Andrew Rowley >Sent: Wednesday, April 4, 2018 8:45 PM > >> Messages may be signed; a process that involves two keys. > >What do you call it then when I generate a key pair and submit the public key >to a CA, they perform some form of verification and return a certificate to >use with TLS etc? > >I would have said the certificate includes a signed public key, but I admit I >am far from an expert on this stuff. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
