cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: How are https messages are being encrypted when no certificates are installed at the client?

From: <man_at_tfhs.net>
Date: Wed, 3 Aug 2005 19:14:17 -0000

On Wed, Aug 3, 2005, T A <tedaetc_at_yahoo.com> said:

> Thanks for the reply. I'll take a look into SSL.
>
> My apologies if this is next question is out of the scope of the libcurl group but what are the private / public keys in the certifcate used to encrypt/decrypt? My understanding was that they were used to encrypt/decrypt the https transactions, but it appears otherwise given that curl will do https without any reference to the server's certificate.

it gets the public portion from the server when the ssl session is setup.
it is used to encrypt the entire payload. only basic tcp/ip data is still
in the clear. read up on ssl.

allan

>
>
>
>
> Daniel Stenberg <daniel-curl_at_haxx.se> wrote:
> On Wed, 3 Aug 2005, T A wrote:
>
>> Does anyone have any insight into how the messages are being encrypted in
>> the case where you tell libcurl to *not* verify the peer
>
> The verification or not doesn't affect the encryption at all (AFAIK). If you
> want in-depth details on how SSL generically and OpenSSL specifically work,
> then I'd assume you're much better off on a openssl-related mailing list (or
> even possibly a gnutls-list).
>
> --
> Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com

-- 
Received on 2005-08-03