
Is this correct? Wouldn't they still need all of the leaf private keys to decrypt things?

My understanding was that having a CA's private key just enables someone to issue new child keys for that CA. That vulnerability could be addressed with certificate pinning.
To decrypt after-the-handshake bytes, I think you're right: they would need a leaf private key.

However, they absolutely can mount a MITM with the CA root.

EDIT: Further, if they can compel a master key then they can also compel a copy of all the private keys the CA generates.
Not quite sure what you mean, but for the record, as a general rule CAs do not generate keys. They just sign the public keys coming in as Certificate Signing Requests, without ever seeing the accompanying private key.
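Both points made in this thread (a CA certifies the public key carried in a CSR without ever holding the requester's private key, and a pinned leaf key lets a client refuse a second certificate for the same name issued under the same root) as an added example written for this page, not code from any commenter. It uses only Go's standard library; the certificate names, the one-hour validity and the timestamp-based serials are constructed demo values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// serial and the one-hour validity below are constructed demo values, not CA practice.
func serial() *big.Int { return big.NewInt(time.Now().UnixNano()) }
func parse(der []byte) *x509.Certificate { c, _ := x509.ParseCertificate(der); return c }

// NewRoot builds a self-signed root; the returned key is the secret the whole PKI hangs on.
func NewRoot() (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: serial(), Subject: pkix.Name{CommonName: "Demo Root CA"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	return parse(der), key
}
// NewCSR is the server side: it generates its own key pair and sends out only a signed request.
func NewCSR(host string) ([]byte, ed25519.PrivateKey) {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	der, _ := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: host}, DNSNames: []string{host}}, key)
	return der, key
}
// Issue is the CA side: check the CSR's self-signature (proof of possession), then certify the public key in it.
func Issue(root *x509.Certificate, rootKey ed25519.PrivateKey, csrDER []byte) *x509.Certificate {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil {
		return nil
	}
	t := &x509.Certificate{SerialNumber: serial(), Subject: csr.Subject, DNSNames: csr.DNSNames, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().Add(time.Hour), ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	der, _ := x509.CreateCertificate(rand.Reader, t, root, csr.PublicKey, rootKey)
	return parse(der)
}
// Pin is what a pinning client stores: SHA-256 over the leaf's SubjectPublicKeyInfo.
func Pin(c *x509.Certificate) [32]byte { return sha256.Sum256(c.RawSubjectPublicKeyInfo) }
// Accept does ordinary chain validation; with a pin it also demands the expected leaf key.
func Accept(leaf, root *x509.Certificate, host string, pin *[32]byte) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err == nil && (pin == nil || Pin(leaf) == *pin)
}
```

Issuing a second certificate for the same host from a fresh CSR shows the gap: plain chain validation accepts both, while a pin taken from the first leaf accepts only that one.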