hi,
there are 2 questions and 4 answers below.
i think 1 & 4 are the correct ans for Qa & Qb both.
but i saw different ans somewhere. 2 & 3 for Qb.
can someone clarify, please?
rabi
--
Qa)What are true for using PKI in XML encryption?
Qb)wt are true about digital signature?
1-The sender uses a public key of receiver to encrypt the data
2-The sender uses its own private key to encrypt the data
3-The receiver uses a public key of the sender to decrypt the data
4-The receiver uses its own private key to decrypt the data
Yaron Naveh
Greenhorn
Joined: Oct 26, 2008
Posts: 24
posted
0
For Qa 1&4 are correct
For Qb 2&3 are correct
I think the way Qb is phrased is misleading somehow but technically 2&3 are correct.
[url]http://webservices20.blogspot.com/[/url]
Web Services Performance, Interoperability And Testing Blog
Rabi Mohapatra
Greenhorn
Joined: Dec 26, 2008
Posts: 6
posted
0
but what is the diff between a & b? i did not understand the diff. can you explain please?
Yaron Naveh
Greenhorn
Joined: Oct 26, 2008
Posts: 24
posted
0
One's public key is known to everybody but his private only to him,
Everybody should be able to encrypt a message and only one person should be able to decrypt it. So everybody will use the receiver public key to encrypt and he will use his key to decrypt (only he should be able to do it).
A signature proves someones identity. With signature only the sender should be able to sign (so others will not be able to impersonate her). Since only she knows here private key she will use it for signing. Everybody should be able to authenticate the signature. So they use the public key which is the only one they know.
Rabi Mohapatra
Greenhorn
Joined: Dec 26, 2008
Posts: 6
posted
0
thanks for explaining!!
Another quick question:
for JSE deployment, the directory name for the myService.wsdl file should be in lower case(wsdl), correct?
Yaron Naveh
Greenhorn
Joined: Oct 26, 2008
Posts: 24
posted
0
I'm not sure about that, I suggest you will open a new thread
In a signature scheme the private key is needed to sign a message; but anyone can check the signature using the public key. Validity depends on private key security.
It means that for Qb 2 & 3 are correct.
However, I'm not sure why above it, it says -
In an encryption scheme anyone can encrypt using the public key, but only the holder of the private key can decrypt. Security depends on the secrecy of the private key.
Any thoughts?
Regards,
Dan
William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
Balaji Loganathan
author and deputy
Bartender
Joined: Jul 13, 2001
Posts: 3150
posted
0
Hi All,
I am moving this thread to Web Services Certification (SCDJWS) forum as its fits pretty well there.
Regards
Balaji D Loganathan
0
