No subject

Mon Jun 18 18:45:05 BST 2007

- Client requests a connection, telling what ciphers it supports
- Server uses best cipher it also supports and sends cert, usually
containing a public key and a CA (if no CA, the cert has to be trusted on
the client)
- Client verifies cert with the CA (or against its list of trusted certs)
- Client uses public key to encrypt a session key and sends it
- Server uses private key to decrypt session key, and from now on they use
encryption based on the exchanged session key

So I wonder what kind of cert this is that comes with cvsnt.

> Tony/Arthur could perhaps shed some more insight on this?

That would be nice :)


More information about the cvsnt mailing list