Solved

Internet explorer pki default key pair

Posted on 2013-01-19
1
467 Views
Last Modified: 2013-01-24
I am trying to get my head around how IE negotiates https/SSL with Internet sites.

My understanding is they use asymetric PKI encryption to send each other a shared session key that both server and client use to encrypt and decrypt the communication.

But to send the session key they must authenticate each other.

My thinking is that the Internet web site public key (certificate) is sent to the client to use for encryption of this initial session key. (the client verifies that it is a valid cert first)

The client sends the ecrypted session key that only the website has the private key (certificate)to decrypt.

The client does not have to send a public key to the website?

Put another way is there a default public/private key pair in Internet Explorer for the client computer or is that not necessary?

Or does the client generate the shared session key and encrypt with the Internet website public cert and send to the website and then after that everything is symetric encryption with the session key?
0
Comment
Question by:Dragon0x40
1 Comment
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 38797937
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now