digital certificate question

From: Edward Norton (doubleccie@yahoo.com)
Date: Fri Apr 13 2007 - 15:42:13 ART

• Next message: Vince Mashburn: "Re: FR PVC QOS Based on Class-Map"
• Previous message: postmaster@traknet.com: "Delivery Status Notification (Failure)"
• Next in thread: TAM: "Re: digital certificate question"
• Maybe reply: TAM: "Re: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: Edward Norton: "Re: digital certificate question"
• Maybe reply: Jian Gu: "Re: digital certificate question"
• Maybe reply: Lay, Rob: "RE: digital certificate question"
• Maybe reply: anthony.sequeira@thomson.com: "RE: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: M. Mohan: "Re: digital certificate question"
• Maybe reply: Laidlaw, Patrick A.: "RE: digital certificate question"
• Maybe reply: M. Mohan: "Re: digital certificate question"
• Maybe reply: Edward Norton: "Re: digital certificate question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Folks ;
  I have spent some time reading and testing the point of using digital certificate as a way of origin authentication with VPN peers , there is a question with bothers my theory understanding which is as follows
   
  if peerA wants to check that peerB is actually peerB , he would request the digital certificate of peerB (which contains peerB Public key and the signature of the CA ) ...on peerA there are two ceritificates , his own identity certificate and the certificate of the CA (which contains the public key of the CA and will validate the signature of peerB certificate )
   
  all that is ok , now the question is ..since peerB sends out his digital certificate to anyone who request to authenticate with him..why not someone (peerC) gets this certificate ..install it and act as if he is peerB ??
   
   
  i am sure i must be missing something here ...can someone explain this
   
  thanks
   
   
   
   
   
   

       
---------------------------------
Ahhh...imagining that irresistible "new car" smell?
 Check outnew cars at Yahoo! Autos.

• Next message: Vince Mashburn: "Re: FR PVC QOS Based on Class-Map"
• Previous message: postmaster@traknet.com: "Delivery Status Notification (Failure)"
• Next in thread: TAM: "Re: digital certificate question"
• Maybe reply: TAM: "Re: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: Edward Norton: "Re: digital certificate question"
• Maybe reply: Jian Gu: "Re: digital certificate question"
• Maybe reply: Lay, Rob: "RE: digital certificate question"
• Maybe reply: anthony.sequeira@thomson.com: "RE: digital certificate question"
• Maybe reply: Cacca Mucca: "Re: digital certificate question"
• Maybe reply: M. Mohan: "Re: digital certificate question"
• Maybe reply: Laidlaw, Patrick A.: "RE: digital certificate question"
• Maybe reply: M. Mohan: "Re: digital certificate question"
• Maybe reply: Edward Norton: "Re: digital certificate question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:35 ART