The SSL Handshake
808
Managing Servers with Netscape Console • December 2001
Figure K-3
Authentication and Verification of a Client Certificate
An SSL-enabled server goes through these steps to authenticate a user’s identity:
1.
Does the user’s public key validate the user’s digital signature?
The server
checks that the user’s digital signature can be validated with the public key in
the certificate. If so, the server has established that the public key asserted to
belong to John Doe matches the private key used to create the signature and
that the data has not been tampered with since it was signed.
At this point, however, the binding between the public key and the DN
specified in the certificate has not yet been established. The certificate might
have been created by someone attempting to impersonate the user. To validate
the binding between the public key and the DN, the server must also complete
Step 3 and Step 4.
2.
Is today’s date within the validity period?
The server checks the certificate’s
validity period. If the current date and time are outside of that range, the
authentication process won’t go any further. If the current date and time are
within the certificate’s validity period, the server goes on to Step 3.
Содержание Certificate Management System 6.1
Страница 1: ...Administrator s Guide Netscape Certificate Management System Version6 1 February 2003...
Страница 28: ...Documentation 28 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 68: ...Support for Open Standards 68 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 82: ...Uninstalling CMS 82 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 166: ...How a Registration Manager Works 166 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 382: ...ACL Reference 382 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 566: ...Managing Policy Plug in Modules 566 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 710: ...1 3 Organization Security Policies 710 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 716: ...Object Identifiers 716 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 762: ...DNs in Certificate Management System 762 Netscape Certificate Management System Administrator s Guide February 2003...
Страница 794: ...Managing Certificates 794 Managing Servers with Netscape Console December 2001...
Страница 810: ...The SSL Handshake 810 Managing Servers with Netscape Console December 2001...
Страница 828: ...828 Netscape Certificate Management System Administrator s Guide February 2003...