Suppose that you use the SSL protocol and connect to a merchant site, M. The site sends you M’s certificate. When the SSL protocol completes, howcan you be sure that the newsession key can be known only to M (perhaps an intruder has sent you a copy of M’s certificate)? Can you be sure that you are connected to M?

What will be an ideal response?


Only M can decrypt the session key you have created since you encrypted it with M’s public key obtained from a valid certificate. Although you cannot be sure that you are connected to M, you can find out by sending a message encrypted with the new session key. If the reply to that message implies that the site decrypted your message, the site must be M.

Computer Science & Information Technology

You might also like to view...

Visual Basic 2010 includes Crystal Reports.

Answer the following statement true (T) or false (F)

Computer Science & Information Technology

Major ____ identify major units on the axis and are usually identified by a tick mark.

A. axis B. labels C. borders D. gridlines

Computer Science & Information Technology

Which of the following will be launched automatically if Windows 7 detects a problem while booting the system?

A. Restart Manager B. Microsoft Update C. Service-failure Recovery D. Startup Repair Tool

Computer Science & Information Technology

While adding a new ESXi host and configuring a NAT adapter, you receive a warning that one or more hosts have no assigned physical network adapters. What should be done?

A. The host has no compatible network adapters, so a dedicated supported adapter should be installed. B. The "Assign uplink" icon should be selected after the NAT network adapter is added. C. The vswitch0 virtual switch on the host has no configured adapters. D. The host's vmnet8 interface is not configured.

Computer Science & Information Technology