Cypherpunk Certification Authority
James Black
black at eng.usf.edu
Sun Nov 26 14:02:32 PST 1995
Hello,
On Sun, 26 Nov 1995 anonymous-remailer at shell.portal.com wrote:
> > Its an excellent paper, well worth reading, but the basic
> > problem is that X.509 encrypts before signing.
>
> You'd rather sign before encryption??
>
> Doesn't that give you "known plain-text" to attack? i.e. the signature.
>
> I'm not sure whether it would or wouldn't, but I'm sure some
> cryptographers here might clear that up mighty quick -- before any more
> harm is allowed, I mean.
The paper suggested that you have two different keys, one for
encryption and the other for signatures, and you don't mix the two up, so
that way you are protecting yourself from someone forging your
signature, but you are not letting them know what your private key is.
Make sense? I would suggest that you read the paper, as it is really
an excellent document.
==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: black at eng.usf.edu
http://www.eng.usf.edu/~black/index.html
**************************************************************************
More information about the cypherpunks-legacy
mailing list