Dear people on the list:
In the SSL hand-shaking process, does the owner of the certificate
need to send its digital signature along with its certificate?
It seems to be a good idea to do that because the owner of the
certificate may not be the real owner of the certificate. This
means the certificate was a stolen one.
But I am not sure about this argument. What do you think?
Thanks!
Philip
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
