You should go to this
site. It has an answer for just about any SSL
situation.
But, to answer your question - a CA is not sent back to a User - it is sent to a Host and a User will accept that Certificate when they go to the Host's website - and, if they want to go onboard that site and browser a pop-up asking the User to either Accept or Not.For the Host to get a CA - the Host sends an unencrypted key that is made on the exact machine that the Certs will be applied -- to the Signing Authority such as Verisign. Verisign does all kinds of "who are you" checks and when they are convinced you are who you say you are - then Verisign will do an encryption routine that will encapsulate the key you sent them - send it back to you to install on the machine it was made for - then when a User hits that website on that box - your box will make the User accept a key - and that key has no encryption on it so to speak, that you have to deal with. Everything at that point is based on the browser you're sending and receiving with and what kind of pipes are being set up.
-----Original Message-----
From: david [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 4:48 AM
To: [email protected]
Subject: simple question againWhen a CA signs a certificate request , then the certificate is sent to the user . for this, is the certifictate automatically encrypted with the user public key ?
thx
david
Interview 50 Cent 100% I am what I am...
