Solved

Internet explorer pki default key pair

Posted on 2013-01-19
1
496 Views
Last Modified: 2013-01-24
I am trying to get my head around how IE negotiates https/SSL with Internet sites.

My understanding is they use asymetric PKI encryption to send each other a shared session key that both server and client use to encrypt and decrypt the communication.

But to send the session key they must authenticate each other.

My thinking is that the Internet web site public key (certificate) is sent to the client to use for encryption of this initial session key. (the client verifies that it is a valid cert first)

The client sends the ecrypted session key that only the website has the private key (certificate)to decrypt.

The client does not have to send a public key to the website?

Put another way is there a default public/private key pair in Internet Explorer for the client computer or is that not necessary?

Or does the client generate the shared session key and encrypt with the Internet website public cert and send to the website and then after that everything is symetric encryption with the session key?
0
Comment
Question by:Dragon0x40
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 38797937
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question