I don't think client will need to generate private key -jchonc(James) @佛州华人论坛:佛州枫下论坛 The Rolia Forum of Florida

工作学习 / IT技术讨论 / 请教一个SSL的问题：我理解的SSL应该是Server端生成certificate，用户下载证书，加密数据。但使用银行的online banking时，没有让我下载certificate，也就进入https页面看自己的帐户信息了。它是怎么用SSL的？ -liding_wang(大砍刀再战江湖); 2003-1-15 (#978586@0)

如果颁发证书的机构是很牛x的(认可的,如verisign等), 自动下载...你感觉不到 -expertune(伪而不劣); 2003-1-15 (#978593@0)

Thx . 那我能在硬盘找到它么？另外，我的Windows2000 Server好象下载啥都通知我一声的。 -liding_wang(大砍刀再战江湖); 2003-1-15 (#978600@0)

ie --- tools --- option --- security---里面有, 具体物理在什么地方没注意过, 应该在profile里面吧... -expertune(伪而不劣); 2003-1-16 (#978610@0)

自己生成而没有经过权威人证的certificate, IE都会提示的, 反而那些经过人证的, IE不会提示 -dahuaidan(一个顶仨); 2003-1-16 (#978601@0)
多谢两位! -liding_wang(大砍刀再战江湖); 2003-1-16 (#978608@0)

没关系. 2年前曾经在上面下了很多功夫, 唉, 现在全忘光喽....惨,老了 -expertune(伪而不劣); 2003-1-16 (#978622@0)

:-) -liding_wang(大砍刀再战江湖); 2003-1-16 (#978626@0)

Tools / Internet options / content / Certificates / trust root certification authorities -zhoulang(Lion Sleeping); 2003-1-16 (#978635@0)

哇，果然别有洞天，一大堆可信任的CA名。谢谢。 -liding_wang(大砍刀再战江湖); 2003-1-16 (#978641@0)

你剩下的事就去交钱吧...每年几十百把美金弄一个放自己网站上, 多酷呀 -expertune(伪而不劣); 2003-1-16 (#978645@0)

没啥好加密的东西啊, 再说人家也不信啊. -liding_wang(大砍刀再战江湖); 2003-1-16 (#978654@0)

找那些CA签的名，别人一定会信的 :-) -dennis2(Dennis); 2003-1-16 (#978671@0)

嘿嘿，export了一个仔细看，有趣。 -liding_wang(大砍刀再战江湖); 2003-1-16 (#978649@0)
睡吧.. -expertune(伪而不劣); 2003-1-16 (#978653@0)

晚安 :-) -liding_wang(大砍刀再战江湖); 2003-1-16 (#978655@0)

You are a roaming user, your certificate is stored in the remote LDAP which is in the bank, the certificate is not sent to you. -bryan_swoomn(bfdsfdsf); 2003-1-18 (#983202@0)

？不解，没有证书，数据如何加密呢？ -liding_wang(大砍刀再战江湖); 2003-1-18 (#983218@0)

而且它让我一次性输入账号密码（没有登陆），如果根据我的帐号去Server取我的证书，我的密码传输时不是没有加密？而我解密时是现场下载证书？不解。 -liding_wang(大砍刀再战江湖); 2003-1-18 (#983233@0)

client 端用对方证书中的公钥加密传送数据，而自己本身并不需要证书，server端用私钥解。反之，server端用私钥加密数据，client端用server的公钥解。 -flying_snow(飞雪浮冰); 2003-1-18 (#983244@0)

嗯，这样client只要知道Server（银行）的public key就行了，看来这是一个只加密而没有签名验证的过程。我也觉得roaming user是一个好方案，我还觉得我的密码传过去时没加密（难以想象client用javascript做RSA），是吗？Thx。 -liding_wang(大砍刀再战江湖); 2003-1-18 (#983255@0)

哦，当然也可能只用一个小DES加密，才想出来：-） -liding_wang(大砍刀再战江湖); 2003-1-18 (#983263@0)

也许当你访问对方网页的时候已经下载了对方的证书。我想你一定是在https下载的网页上填写的密码吧？那么对方证书应该在建立ssl通道的时候就悄悄下载了。然后你在这个网页上填写密码，自然就加密以后send回去了。 -flying_snow(飞雪浮冰); 2003-1-18 (#983276@0)

啊，www.royalbank.ca的online banking，是在http下写密码和用户名，验证后弹出https窗口——所以才怀疑它加密了没有。：-） -liding_wang(大砍刀再战江湖); 2003-1-18 (#983284@0)

难怪，TD bank 的网站是在https网页里输入密码的。 -flying_snow(飞雪浮冰); 2003-1-18 (#983297@0)

谢谢，这个问题终于比较明白了。：-） -liding_wang(大砍刀再战江湖); 2003-1-18 (#983302@0)

不是这样。 -dennis2(Dennis); 2003-1-18 (#983845@0)

就是说如果你使用IE的话，它调用winInet函数进行网络通话，winInet 自带ssl加密功能，如果访问https，INTERNET_FLAG_SECURE flag被设置，IE 调用winInet函数先下载对方证书，然后取出对方公钥将你上传的数据加密后传送出去。 -flying_snow(飞雪浮冰); 2003-1-18 (#983292@0)

真是高人啊，（真心的），我一直钻不到这么深。多谢你这么晚了还帮我解答问题！ -liding_wang(大砍刀再战江湖); 2003-1-18 (#983301@0)
公钥（应该是certificate）是做authentication用的，对数据加密用的是临时生成的session key。 -dennis2(Dennis); 2003-1-18 (#983843@0)

Sorry dennis2, 才看到你的回贴。按这种说法，加密时用的并不是RSA是吗？你说的session key是个server端产生的随机数吧，那么client端如何得到它解密数据呢？又是怎样应用SSL的呢？ -liding_wang(大砍刀再战江湖); 2003-1-27 (#1005625@0)

I think you are right, I studied it before. -flying_snow(飞雪浮冰); 2003-1-18 (#983228@0)

Then could you tell me about #983233? -liding_wang(大砍刀再战江湖); 2003-1-18 (#983241@0)

Normally RSA is only used to protect the real key used to encrypt the data stream. use RSA to encrypt the whole stream is too expensive. -jchonc(James); 2003-1-18 (#983450@0)

You are right that it is only used to pretect the encryption key. But you still need to get the PK of the receiver (for whatever it encrypts), isn't it? -liding_wang(大砍刀再战江湖); 2003-1-18 (#983772@0)

SSL uses both encryption methods.That is, synchronous and asynchronous encryption ways(Public Key and Private Key). -rockman12(TianTian); 2003-1-18 {635} (#983886@0)
Public Key is to establish the safe session channel , determine what kind of cipher mode used,and provide the private key created by both sides(client and server) separately.Then the both sides may make use of the same private key to encrypt data stream sent to internet safely. One more word,Public Key and Private Key's length is different.As we know, Public Key length of RSA is usually 1024bit ,but Private key ranges from 56bit to 128 bit. The latter one is only admited to use in the North American two years ago because of export striction of FBI,now it may be used all of the world to provide much stronger chiper than 56bit.

I don't think client will need to generate private key -jchonc(James); 2003-1-28 {536} (#1005941@0)
as you know, the process of finding a prime number and validate it take some time. ( The best result I get 4 years ago is for a 4096bit prime number, take about 15 mins, only tried Euler and Ferma rules, 99%?). Really, if the server does not require the client to have a certificate, there is really no need to ask client generate a keypaire/prime number. As long as the session encrypt key is there.

If you are really interested in this section, you can try to download the source code of openSSL, it's very long, but very useful.

If you only need server authentication, then only the server needs certificate while the client doesn't. In such situation, -secfan(SecurityCat); 2003-1-28 {390} (#1006736@0)
the client will generate a session key and encrypt it using the server's PK and then send it back to the server.Then they can establish an encrypted session using this session key. The server won't generate session key in this case.

If you need client authentication as well, then the client needs a certificate. In this case, both the server and the client can generate session keys.

Is it true that the client and server will use 128/56 bits session key and algorithm to secure the information involved in the communication? -elac(elac); 2003-1-28 {122} (#1006832@0)
So when will the server and client needs authentication for the CA center, can any one give me a detail explaination, thx.

You are right. The client and server will use 128/56-bit session key (symmetric algorithm) to secure the data. -secfan(SecurityCat); 2003-1-28 {1290} (#1006911@0)
本文发表在 rolia.net 枫下论坛Depends on where you live, your browser may only support 40-bit length of session key. And if the server allows 40-bit encrytion in this case, a session using a 40-bit encryption key can be established.

If the server is a public accessed server and needs authentication (such as a online bank server), then the owner should provide accurate id information about their organization and the domain name of the server to a public trusted CA center (such as Verisign). And the CA will generate a certificate for that server. Because you trust the CA, you trust certificates issued by the CA. This is the way how a server is authenticated. Same thing happens when you want to authenticate a client. It's the CA's responsibility to verify that the information you provide is true and accurate.

If you only want to encrypt the session using SSL and you don't care about the authentication of the server, then you can run your own CA and issue certificates to your server by yourself. In such case, your CA is not a public trusted CA. So before the SSL connection is established, you will be prompted that the CA is not a trusted one. Is up to you to accept the certificate or not. If you do accept it, the SSL session can be established. If you don't, the session won't be established.更多精彩文章及讨论，请光临枫下论坛 rolia.net

Thank you so much for such a professional answer. could u please keep on answer som further question about it? -elac(elac); 2003-1-28 {660} (#1007427@0)
1. When my client browser receives the certification from a public trusted site(such as online bank) , the public key will include in it, will my browser send the certification back to CA ( such as verisign) to verify it?
I mean is there any communication between the CA and server or client during this process?
2. for the district restriction, I know that the 128 bit DES althorigm is forbidden to export out of US and Canada, so does it mean it is impossible to download the 128 bit encryption support of IE in China?
How to implement it, though IP? And if I move my computer with 128 bit equipped IE back to China, what will happen?

Thank you so much

Some guess -jchonc(James); 2003-1-29 {429} (#1008421@0)
(1) No. As long as the root certificate is in your trusted list. Otherwise it will just ask you. Technically your workstation just need to check if the signature has been broken, anyway, talk to www.verisign.com is not safer, cause hacker can also hijack the packets.
(2) I think that restriction been lifted, no? Anyway, there are some seperate package you can download for IE 128, no problem using it in China, just not legal.

@Florida

I don't think client will need to generate private key

Replies, comments and Discussions:

More Topics