Inspired by @sleevi_ in m.d.s.p.: Detail a meaningful attack that exploits a CA not verifying proof of possession of the private key for the public key in the CSR, or explain why there could never be such a meaningful attack. (FWIW, most USG standards mandate CAs verify PoP.)
-
-
Earlier versions of TLS are similar: the certificate is authenticated by a shared secret known only by client and holder of the private key.
-
In general, I think any protocol which includes the identity of sender in signed message, or identity of recipient in encrypted message, doesn't need CA to check PoP, because there's no way for private key to be used with an unexpected identity.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.