Prev: 26th Chaos Communication Congress: How you can build an eavesdropper for a quantum cryptosystem
Next: Infinite One-Time Pad, is this product BS?
From: Thomas Pornin on 11 Jan 2010 20:08
According to William Ahern <william(a)wilbur.25thandClement.com>:
> Certificate Signing Request.

Ah. Indeed, it is very unsual to keep them around; they are basically
useless once you have the certificate.


> Unless I'm forgetting something, a CSR is just an unsigned X.509
> certificate.

There are several formats for such requests. Some of them are signed,
either by the key owner himself (as a way to assert that he really
owns the key), or by another entity which uses this to guarantee
to the CA that the information contained in the request is proper.
Either way, this is meant to be transient, and discarded once the
certificate is issued.


--Thomas Pornin
First  |  Prev  | 
Pages: 1 2 3
Prev: 26th Chaos Communication Congress: How you can build an eavesdropper for a quantum cryptosystem
Next: Infinite One-Time Pad, is this product BS?