[cryptography] Security Pop-Up of the Day

Paul Walker paul at blacksun.org.uk
Thu Sep 22 06:35:54 EDT 2011


On Thu, Sep 22, 2011 at 09:37:42AM +1000, James A. Donald wrote:

> Email client generates private/public keypair.  Sends public key to CA
> server.  CA server certifies that the owner of the private key
> corresponding to this public key is capable of receiving email at the
> address, emails certificate back to ostensible email address.

User changes email client, or has two clients on different machines. Second
certificate is received by CA server. Does it now certify both keys? Does it
assume that one is an attack?

User's machine crashes. How do they tell the CA server that the owner of the
public key is no longer capable of receiving email with that private key?

-- 
Paul

Fsck, either way I'm screwed. -- petro
Now *that* is the Sysadmin's motto. -- PdS


