开发者

ssl challenge response

Does the SSL protocol require a challenge to check whethe开发者_JS百科r the subjected machine has access to its private key?


I recommend reading the paper A first few milliseconds of an HTTPS connection. It describes the handshake quite well. You can also fire up wireshark and follow along.


Only in 2 way authentication. Take a peek at this image for the "standard" SSL handshaking and note the lack of a client private key (none is needed). In the 2 way authentication handshake the client must prove it's identity in the same way the server does as per that diagram.

In general the client doesn't need a private key since symmetric keys are created after the servers identity is verified.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜