Yes, but the certificate that contains the public key of the server is digital signed by the certificate authority (CA). To create such a certificate requires the secret key of the CA. The public key of the CA is contained in the client software, which uses it to verify the validity of the server certificate. - Don

From jbass@dmsd.com Sat Sep 30 17:15:36 1995 Date: Sat, 30 Sep 95 16:50:05 -0600 From: jbass@dmsd.com (John L. Bass) To: www-security@ns2.rutgers.edu, cypherpunks@toad.com Subject: Re: NetScape's dependence upon RSA down for the count!

Ok ... one more time ... the filter has to replace the client/server keys in the packet stream with it's own ...

John