Re: Security with Streams
Re: Security with Streams
- Subject: Re: Security with Streams
- From: Jens Alfke <email@hidden>
- Date: Sun, 26 Jun 2016 22:57:14 -0700
> On Jun 26, 2016, at 8:13 PM, Gerriet M. Denkmann <email@hidden> wrote:
>
> Assume that an evil entity has got hold of “MyServerCertificate.cer”, but has no access to my keychain and thus to the private key of MyServerCertificate.
> Could they use this certificate to open a secure stream to a client? Or do they need the private key to sign?
— Servers don’t open connections to clients; it’s the other way around.
— There’s nothing private about a certificate. In fact, an SSL server sends its certificate out to any client that connects to it, as part of the SSL handshake.
— A certificate contains only the public key, not the private key. It can’t be used to sign anything, only to verify signatures.
—Jens
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden