[openssl-users] Thoughts about security, privacy, ...

Walter H. Walter.H at mathemainzel.info
Fri Oct 30 21:23:36 UTC 2015


On 30.10.2015 21:42, Michael Ströder wrote:
> Walter H. wrote:
>> On Thu, October 29, 2015 11:07, Jakob Bohm wrote:
>>> She (Eve) would know that the requesting party Alice
>>> was talking to Bob at the very moment she sent Trent
>>> the OCSP *request* for Bob's certificate.
>>>
>>> [...] equivalent of having (almost complete) real time
>>> copies of everybody's phone bill/call records.
>>> Who was calling who at what time.
>> this is not a problem as long as the public keys (the certificates) are
>> not really public;
>> because in your example Eve doesn't have the knowledge which certificate
>> the specific serial number has ...
>>
>> if the public keys (the certificates) are searchable by public - the worst
>> case direct by a search engine like google - then you would get an
>> absolute security whole:
> Update for you: https://crt.sh/
>
you know the difference between SSL and S/MIME?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151030/613aa763/attachment.bin>


More information about the openssl-users mailing list