Posted by SecBoy on March 27, 2007, 11:46 pm
> SecBoy wrote:
>
>> Hi,
>> I am a total newbie at security, just trying to learn the
>> basics. So pardon me if my questions are naive.
>>
>> 1) I navigate to mail.yahoo.com using IE6.
>
> Why are you abusing MSIE as a webbrowser? Why are you abusing a Webmail
> interface?
How am I abusing any of these things?
>
>> I see a golden padlock on the status bar.
>
> So what? Since you're abusing MSIE, this is meaningless.
>
>> I click on it to
>> see the certificate. In the details tab - I click the public
>> key field - In the value column I see "RSA (1024 bits)".
>> But if I copy the value from below - "30 81 89 .... 00 01",
>> I see it's actually 140 bytes (1120 bits) & not 1024 bits.
>> If I go to the same site using Firefox 2.0.0.3 & look
>> at the certificate, the subject's public key field shows
>> "Size: 140 Bytes / 1120 Bits". Why does IE show 1024 instead of 1120?
>
> Maybe you should simply read the text on your screen. The size of the
> modulus and the size of the public key (containing the modulus) are of
> course different, due to encoding.
Again I apologize for being dense. Which is the modulus part of
the public key?
>
>> 2) I am looking at a tutorial at
>> http://www.freesoft.org/CIE/Topics/140.htm
>> In the paragraph "X.509 Certificates", look at the first
>> certificate. In the certificate look at the
>> "Subject Public Key Info:"
>>
>> RSA Public Key: (1024 bit)
>> Modulus (1024 bit):
>> 00:b4: ..........
>> .................
>> .........7e:41:8f
>>
>> The key is actually 129 bytes or 1032 bits &
>> not 1024 as stated. Why the discrepancy - is it because
>> of the leading "00"?
>
> Obviously. Maybe you should simply read that tutorial first to understand
> how encoding is done.
I did read the tutorial. But I still didn't get it - my mistake. If someone
could elaborate, that would be nice.
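
The encoding overhead discussed in this thread, worked through as an added example that is not part of the original posts: it DER-encodes an RSA public key (a SEQUENCE of two INTEGERs, modulus then exponent) and parses it back to show where the 140 bytes, the 129-byte modulus field and the 1024-bit figure each come from. The modulus is a constructed value, not a real key, and the function names are this example's own.

```python
# Constructed sample: a 1024-bit modulus with its top bit set (not a real key).
MODULUS = int.from_bytes(b"\xb4" + bytes(range(1, 127)) + b"\x8f", "big")
EXPONENT = 65537

def der_len(n):
    """DER length: one byte below 128, else 0x80|count followed by the length."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_int(value):
    """DER INTEGERs are signed, so a 0x00 byte is prepended when the top bit
    of the first byte is set; that is the leading "00" in the certificate dump."""
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + der_len(len(body)) + body

def encode_rsa_public_key(n, e):
    """RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    content = der_int(n) + der_int(e)
    return b"\x30" + der_len(len(content)) + content

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the tag-length-value at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    length = first
    if first & 0x80:  # long form: low 7 bits give the number of length bytes
        count = first & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length

def describe(der):
    """Report the sizes that the two certificate viewers display."""
    _, seq, _ = read_tlv(der, 0)
    _, mod_bytes, nxt = read_tlv(seq, 0)
    _, exp_bytes, _ = read_tlv(seq, nxt)
    return {"encoded_bytes": len(der), "modulus_field_bytes": len(mod_bytes),
            "modulus_bits": int.from_bytes(mod_bytes, "big").bit_length(),
            "exponent": int.from_bytes(exp_bytes, "big")}

if __name__ == "__main__":
    key = encode_rsa_public_key(MODULUS, EXPONENT)
    print(key[:3].hex(" "), "...", key[-2:].hex(" "))
    print(describe(key))
```

The 12 bytes beyond the 128-byte modulus are the SEQUENCE header (3), the modulus INTEGER header (3), the sign pad byte (1) and the encoded exponent (5).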