cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: How are https messages are being encrypted when no certificates are installed at the client?

From: T A <tedaetc_at_yahoo.com>
Date: Wed, 3 Aug 2005 12:03:57 -0700 (PDT)

Thanks for the reply. I'll take a look into SSL.

My apologies if this is next question is out of the scope of the libcurl group but what are the private / public keys in the certifcate used to encrypt/decrypt? My understanding was that they were used to encrypt/decrypt the https transactions, but it appears otherwise given that curl will do https without any reference to the server's certificate.

Daniel Stenberg <daniel-curl_at_haxx.se> wrote:
On Wed, 3 Aug 2005, T A wrote:

> Does anyone have any insight into how the messages are being encrypted in
> the case where you tell libcurl to *not* verify the peer

The verification or not doesn't affect the encryption at all (AFAIK). If you
want in-depth details on how SSL generically and OpenSSL specifically work,
then I'd assume you're much better off on a openssl-related mailing list (or
even possibly a gnutls-list).

-- 
Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Received on 2005-08-03

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]