I am a beginner to understand the digital signature and digital certificate mechanisms, how they work etc. A certificate contains users' identification information, the public key and the digital signature of CA that signed the certificate. So my question is that What content does CA sign and that is so to speak is digital signature I mean to say what is the information that CA signs by generating cryptographic hash function and then encrypting it using CA private key and sent to the server such that server can validate the digital signature by comparing and generating hash of the information. So the question is what information does CA signs?
1
votes
1 Answers
0
votes
See RFC5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
4.1.1.3 SignatureValue
The signatureValue field contains a digital signature computed upon the ASN.1 DER encoded tbsCertificate.
And
4.1.1.1 tbscertificate
The field contains the names of the subject and issuer, a public key associated with the subject, a validity period, and other associated information.
