«

Hi,
I am a total newbie at security, just trying to learn the
basics. So pardon me if my questions are naive.

1) I navigate to mail.yahoo.com using IE6. I see
a golden padlock on the status bar. I click on it to the
see the certificate. In the details tab - I click the public
key field - In the value column I see "RSA (1024 bits)
But if I copy the value from below - 30 81 89 .... 00 01",
I see it's actually 140 bytes (1120 bits) & not 1024 bits.
If I go to the same site using Firefox 2.0.0.3 & look
at the certificate, the subject's public key field shows
"Size: 140 Bytes / 1120 Bits". Why does IE show 1024 instead of 1120.

2) I am looking at a tutorial at
http://www.freesoft.org/CIE/Topics/140.htm
In the paragraph "X.509 Certificates", look at the first
certificate. In the certificate look at the
"Subject Public Key Info:"

RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b4: ..........
.................
.........7e:41:8f

The key is actually 129 bytes or 1032 bits &
not 1024 as stated. Why the discrepency - is it because
of the leading "00"?

SecBoy wrote:

> Hi,
> I am a total newbie at security, just trying to learn the
> basics. So pardon me if my questions are naive.
>
> 1) I navigate to mail.yahoo.com using IE6.

Why are you abusing MSIE as a webbrowser? Why are you abusing a Webmail
interface?

> I see a golden padlock on the status bar.

So what? Since you're abusing MSIE, this is meaningless.

> I click on it to the
> see the certificate. In the details tab - I click the public
> key field - In the value column I see "RSA (1024 bits)
> But if I copy the value from below - 30 81 89 .... 00 01",
> I see it's actually 140 bytes (1120 bits) & not 1024 bits.
> If I go to the same site using Firefox 2.0.0.3 & look
> at the certificate, the subject's public key field shows
> "Size: 140 Bytes / 1120 Bits". Why does IE show 1024 instead of 1120.

Maybe you should simply read the text on your screen. The size of the
modulus and the size of the public key (containing the modulus) are of
course different, due to encoding.

> 2) I am looking at a tutorial at
> http://www.freesoft.org/CIE/Topics/140.htm
> In the paragraph "X.509 Certificates", look at the first
> certificate. In the certificate look at the
> "Subject Public Key Info:"
>
> RSA Public Key: (1024 bit)
> Modulus (1024 bit):
> 00:b4: ..........
> .................
> .........7e:41:8f
>
> The key is actually 129 bytes or 1032 bits &
> not 1024 as stated. Why the discrepency - is it because
> of the leading "00"?

Obviously. Maybe you should simply read that tutorial first to understand
how encoding is done.