We will gloss over the full syntax here and focus, instead, on the items of interest in
an X.509 certificate:
• Subject is the name of the user encoded as a distinguished name (the format for
distinguished names is explained shortly).
• Subject's public key includes not only the key itself, but also information such as
the algorithm used to generate the public key.
• Issuer's Subject is the CA's distinguished name.
• Digital signature is a digital signature of all the information in the certificate.
This digital signature is generated using the CA's private key. To verify the digital
signature, the recipient needs the CA's public key (which can be found in the
CA's certificate).
Subjects in X.509 certificates are not encoded as common names (such as "Bob"),
but are instead encoded as distinguished names. A distinguished name is a single line
of text comprising a comma-separated list of name-value pairs. For example:
O=Whatsamatta U, OU=Dept of Woodsmanship, CN=B. Moose
Here, the O= specifies the organization, the OU= specifies the Organizational Unit, and
the CN= specifies the Common Name (generally a person's common name).
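The following added example (not code from the book or from sendmail) parses a distinguished name of the form shown above into its name-value pairs. It goes beyond the simplified description by honoring the backslash escapes of RFC 4514, so that a comma inside a value is not mistaken for a separator; the function names and the second sample DN are constructed for illustration.

```python
import re

def _split_unescaped(text, sep):
    """Split text on sep, skipping any character protected by a backslash."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])      # keep the escape for later decoding
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def _unescape(value):
    """Decode RFC 4514 escapes: backslash + hex pair, or backslash + character."""
    out, i = bytearray(), 0
    while i < len(value):
        if value[i] == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if re.fullmatch(r"[0-9A-Fa-f]{2}", pair):
                out.append(int(pair, 16))  # hex pair encodes one raw byte
                i += 3
            else:
                out += value[i + 1].encode("utf-8")
                i += 2
            continue
        out += value[i].encode("utf-8")
        i += 1
    return out.decode("utf-8")

def parse_dn(dn):
    """Return [(NAME, value), ...] in the order given. Multi-valued pairs
    joined with '+' are not handled (assumption: one value per pair)."""
    pairs = []
    for item in _split_unescaped(dn, ","):
        name, eq, value = item.lstrip().partition("=")
        if not eq or not name.strip():
            raise ValueError(f"malformed name-value pair: {item!r}")
        pairs.append((name.strip().upper(), _unescape(value)))
    return pairs

if __name__ == "__main__":
    print(parse_dn("O=Whatsamatta U, OU=Dept of Woodsmanship, CN=B. Moose"))
    print(parse_dn(r"O=Example\, Inc., CN=B. Moose"))  # constructed sample
```

A plain split on commas would break the second, constructed DN into three pieces and report the wrong organization, which matters wherever a certificate subject is compared against an expected name.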
5.3 STARTTLS
Encryption can improve the security of sendmail. Ordinarily, mail is sent between
two machines in the clear. That is, if you were to watch the transmission of bytes
This is the Title of the Book, eMatter Edition
Copyright © 2007 O'Reilly & Associates, Inc.