Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Certificates Question

Reply
Thread Tools

Certificates Question

 
 
SecBoy
Guest
Posts: n/a
 
      03-27-2007
Hi,
I am a total newbie at security, just trying to learn the
basics. So pardon me if my questions are naive.

1) I navigate to mail.yahoo.com using IE6. I see
a golden padlock on the status bar. I click on it to the
see the certificate. In the details tab - I click the public
key field - In the value column I see "RSA (1024 bits)
But if I copy the value from below - 30 81 89 .... 00 01",
I see it's actually 140 bytes (1120 bits) & not 1024 bits.
If I go to the same site using Firefox 2.0.0.3 & look
at the certificate, the subject's public key field shows
"Size: 140 Bytes / 1120 Bits". Why does IE show 1024 instead of 1120.

2) I am looking at a tutorial at
http://www.freesoft.org/CIE/Topics/140.htm
In the paragraph "X.509 Certificates", look at the first
certificate. In the certificate look at the
"Subject Public Key Info:"

RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b4: ..........
.................
.........7e:41:8f

The key is actually 129 bytes or 1032 bits &
not 1024 as stated. Why the discrepency - is it because
of the leading "00"?



 
Reply With Quote
 
 
 
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      03-27-2007
SecBoy wrote:

> Hi,
> I am a total newbie at security, just trying to learn the
> basics. So pardon me if my questions are naive.
>
> 1) I navigate to mail.yahoo.com using IE6.


Why are you abusing MSIE as a webbrowser? Why are you abusing a Webmail
interface?

> I see a golden padlock on the status bar.


So what? Since you're abusing MSIE, this is meaningless.

> I click on it to the
> see the certificate. In the details tab - I click the public
> key field - In the value column I see "RSA (1024 bits)
> But if I copy the value from below - 30 81 89 .... 00 01",
> I see it's actually 140 bytes (1120 bits) & not 1024 bits.
> If I go to the same site using Firefox 2.0.0.3 & look
> at the certificate, the subject's public key field shows
> "Size: 140 Bytes / 1120 Bits". Why does IE show 1024 instead of 1120.


Maybe you should simply read the text on your screen. The size of the
modulus and the size of the public key (containing the modulus) are of
course different, due to encoding.

> 2) I am looking at a tutorial at
> http://www.freesoft.org/CIE/Topics/140.htm
> In the paragraph "X.509 Certificates", look at the first
> certificate. In the certificate look at the
> "Subject Public Key Info:"
>
> RSA Public Key: (1024 bit)
> Modulus (1024 bit):
> 00:b4: ..........
> .................
> .........7e:41:8f
>
> The key is actually 129 bytes or 1032 bits &
> not 1024 as stated. Why the discrepency - is it because
> of the leading "00"?


Obviously. Maybe you should simply read that tutorial first to understand
how encoding is done.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Are SSL certificates and x.509 certificates the same? n33470 ASP .Net Web Services 0 12-14-2005 03:30 PM
PEAP and Certificates Jobe Gates Wireless Networking 2 06-15-2005 12:51 PM
Windows 2000 and computer certificates =?Utf-8?B?am91c3Rl?= Wireless Networking 0 03-21-2005 10:31 AM
Securing Wireless Network w/ certificates and no user intervention? jsoupene@cox.net Wireless Networking 5 02-22-2005 09:51 PM
Self-issued certificates and commercial certificates. Lord Amoeba Computer Security 2 05-05-2004 01:40 PM



Advertisments