O.K. That's what I expected. Thanks!

Cheers,
Phibo

On Tue, 29 Jul 2008 11:47:02 +0200
"Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote:

> On Mon, Jul 28, 2008, Phibo wrote:
>
> > Is it possible for a certificate authority (CA) signing my SSL certificate
> > signing request (csr) to decrypt my own SSL sessions? Or, in other words,
> > in a csr is there enough information about my private key to be able to
> > intercept SSL sessions encrypted by my public key?
> >
>
> It can't decrypt anything using your public key, no, because the CSR only
> contains details of your public key and a digital signature.
>
> A CA could in theory perform a MITM attack, by issuing itself a certificate
> with your identity and containing a public key to which it has the private
> key.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                       [email protected]
> Automated List Manager                          [EMAIL PROTECTED]
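
Added example, not part of the thread: a shell sketch using the openssl command line that shows the CSR carries only the public half of the key, and that a certificate with the same identity but another key pair (the case Steve describes) is detectable by comparing public-key hashes. The host name, file names and function names are constructed for illustration, and the certificates are self-signed so the script runs offline.

```shell
#!/bin/sh
# Added example. Host name and file names are constructed for illustration.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
SUBJ="/CN=www.example.test"

# SHA-256 over the DER SubjectPublicKeyInfo of a PEM public key on stdin.
spki_pin() {
    openssl pkey -pubin -outform DER | openssl dgst -sha256 | awk '{print $NF}'
}

# Pin of the public half of a private key file.
key_pin() { openssl pkey -in "$1" -pubout | spki_pin; }
# Pin of the public key carried inside a CSR.
csr_pin() { openssl req -in "$1" -noout -pubkey | spki_pin; }
# Pin of the public key carried inside a certificate.
cert_pin() { openssl x509 -in "$1" -noout -pubkey | spki_pin; }

# Succeeds only if the certificate ($1) binds the name to the key we hold ($2).
cert_uses_my_key() { [ "$(cert_pin "$1")" = "$(key_pin "$2")" ]; }

# 1. Our key pair and CSR: the private key never leaves site.key.
openssl genrsa -out "$WORK/site.key" 2048 2>/dev/null
openssl req -new -key "$WORK/site.key" -subj "$SUBJ" -out "$WORK/site.csr"

# 2. Certificate issued from our CSR (self-signed here to stay offline).
openssl x509 -req -in "$WORK/site.csr" -signkey "$WORK/site.key" \
    -days 1 -out "$WORK/site.crt" 2>/dev/null

# 3. Same subject name, but a key pair that was generated by someone else.
openssl genrsa -out "$WORK/other.key" 2048 2>/dev/null
openssl req -x509 -new -key "$WORK/other.key" -subj "$SUBJ" \
    -days 1 -out "$WORK/other.crt"

echo "key pin : $(key_pin "$WORK/site.key")"
echo "CSR pin : $(csr_pin "$WORK/site.csr")"
for crt in site.crt other.crt; do
    if cert_uses_my_key "$WORK/$crt" "$WORK/site.key"; then
        echo "$crt: public key matches ours"
    else
        echo "$crt: ALERT, same name but a different public key"
    fi
done
```

The same comparison is what public-key pinning performs on the client side: the name in the certificate is not trusted on its own, only the name together with the expected key hash.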
