>For Miguel Cruz posting back there. If I understand correctly, the private >key are inside the public key. Is this correct?
If you have an SSL (or SSH, or whatever) key thingie, it always comes as a "pair" The private half, and the public half. You never, ever, ever, ever give the private half to anybody, anywhere, any time. You give the public half to, well, everybody. Neither the public half nor the private half ever include the other. A message encrypted with either half can only be decrypted with the other half. In the HTTPS exchange, however, extra key-pairs are generated on the fly, and the private half of the new pair are exchanged, encrypted with the public halfs of the old pairs, so that the server and the browser are using a UNIQUE public/private pair so that nobody can snoop on them... Or, at least, it works something like that... I'm telling you, you really don't need to understand this stuff if it gives you a headache as bad as it gives me :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php